OpenID & OAuth for the Consumer Web Workshop, Part 1 of 3

4,662 views
4,594 views

Published on

This is the first 1/3 of a workshop I gave with Eric Sachs and David Primmer of Google at the Cloud Identity Summit.

http://www.cloudidentitysummit.com/

Published in: Technology
4 Comments
6 Likes
Statistics
Notes
No Downloads
Views
Total views
4,662
On SlideShare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
148
Comments
4
Likes
6
Embeds 0
No embeds

No notes for slide

OpenID & OAuth for the Consumer Web Workshop, Part 1 of 3

  1. 1. OpenID & OAuth for the Consumer Web Chris Messina David Primmer Eric Sachs Ping Cloud Identity Summit Keystone, CO July 20, 2010
  2. 2. Agenda • The Value • The Technology • The Future • Breakouts
  3. 3. Agenda • The Value • The Technology • The Future • Breakouts
  4. 4. The Value
  5. 5. What
  6. 6. chris.messina@gmail.com ••••••••••
  7. 7. Why support third party auth? (Answers that relying parties should care about!) • Who do you want to be, in this context? • Who do you want to hang out with (in this context)? • How can we be instantly relevant and meet your needs with minimal effort? • What kind of handles and scaffolding can we provide to make it easier to create social interaction? 22
  8. 8. Why
  9. 9. Plaxo’s 92% Success Story
  10. 10. Spot the problem?
  11. 11. Second Brain
  12. 12. Evil Bad Brain
  13. 13. Plaxo’s 92% success story • specially-crafted email to Gmail users • Gmail users likely to have Google profile & address book • one-click sign up and address book import • also requests name, verified email address
  14. 14. Plaxo’s 92% success story • Better for the user: higher success rate with no password anti- pattern • Better for the provider: Happy users and no automated data scraping • Better for the site: Higher conversion rate; more informed social graph
  15. 15. + + Portable Contacts
  16. 16. Photo by Teresa Stanton
  17. 17. Unique OpenID Relying Parties As of July 1, 2009 50,000 40,000 30,000 20,000 10,000 0 5 06 06 06 6 07 07 07 7 08 08 08 8 09 09 /0 /0 /0 /0 1/ 4/ 7/ 1/ 4/ 7/ 1/ 4/ 7/ 1/ 7/ 10 10 10 Data from Janrain 10
  18. 18. 1 Billion+ OpenIDs
  19. 19. Janrain
  20. 20. OpenID usage trends (Janrain) OpenID Providers on UserVoice 34% 33% 10% 15% 8% Google Facebook Yahoo! Other Twitter Data from Janrain, May 2010
  21. 21. OpenID usage trends (Janrain) OpenID Providers on Interscope Records 8% 12% 12% 52% 6% 10% Google Facebook Yahoo! Other Twitter MySpace Data from Janrain, May 2010
  22. 22. OpenID usage trends (Janrain) OpenID Providers on sulit.com.ph 10% 24% 1% 64% Google Facebook Yahoo! Other Chart from Janrain, January 2009
  23. 23. OpenID usage trends (Janrain) Sign in preferences across all properties 23.5% Google 38.8% Facebook Yahoo! Other (MySpace, Windows Live, AOL, etc) 13.0% Twitter 5.8% 18.9% Data from Janrain, May 2010
  24. 24. Gigya
  25. 25. Third-party authentication usage trends (Gigya) Sign in preferences across all Gigya properties Source: Gigya, June 2010
  26. 26. Third-party authentication usage trends (Gigya) Sign in preferences across entertainment sites Source: Gigya, June 2010
  27. 27. Third-party authentication usage trends (Gigya) Sign in preferences across news sites Source: Gigya, June 2010
  28. 28. Third-party authentication usage trends (Gigya) Sign in preferences across B2B sites Source: Gigya, June 2010
  29. 29. Echo
  30. 30. Source: Echo, March 2010
  31. 31. What does this tell us? 54
  32. 32. What does this tell us? • People use different identities for different purposes 54
  33. 33. What does this tell us? • People use different identities for different purposes • Ultimately choice and competition is a good thing to foster in this early landscape 54
  34. 34. What does this tell us? • People use different identities for different purposes • Ultimately choice and competition is a good thing to foster in this early landscape • Digital identity is in its infancy; it’s too early to pick the winners 54
  35. 35. What does this tell us? Basecamp Lady Gaga
  36. 36. +
  37. 37. Totals Janrain OAuth 32% OpenID 48%+ Gigya OAuth 62% OpenID 38% Echo OAuth 35% OpenID 64%
  38. 38. It’s inevitable
  39. 39. conversion, convenience, costs
  40. 40. service
  41. 41. How
  42. 42. NASCAR
  43. 43. Photo by larry wfu
  44. 44. Photo by Vaguely Artistic
  45. 45. XAuth
  46. 46. WebFinger
  47. 47. WebFinger
  48. 48. The Hammer Stack Discovery for the open web
  49. 49. How WebFinger works Enter email: Email Lookup
  50. 50. How WebFinger works Enter email: chris.messina@gmail.com Lookup
  51. 51. How WebFinger works Enter email: chris.messina@gmail.com Lookup
  52. 52. How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com
  53. 53. How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com { domain
  54. 54. How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com { domain
  55. 55. How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
  56. 56. How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
  57. 57. How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
  58. 58. How WebFinger works Server returns LRDD document <?xml version='1.0' encoding='UTF-8'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'      xmlns:hm='http://host-meta.net/xrd/1.0'>   <hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com</hm:Host>   <Link rel='lrdd'         template='http://www.google.com/s2/webfinger/?q={uri}'>     <Title>Resource Descriptor</Title>   </Link> </XRD>
  59. 59. How WebFinger works Server returns LRDD document <?xml version='1.0' encoding='UTF-8'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'      xmlns:hm='http://host-meta.net/xrd/1.0'>   <hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com</hm:Host>   <Link rel='lrdd'         template='http://www.google.com/s2/webfinger/?q={uri}'>     <Title>Resource Descriptor</Title>   </Link> </XRD>
  60. 60. How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri}
  61. 61. How WebFinger works Plugin acct: into URI Template chris.messina@gmail.com http://www.google.com/s2/webfinger/?q={uri}
  62. 62. How WebFinger works Plugin acct: into URI Template acct:chris.messina@gmail.com http://www.google.com/s2/webfinger/?q={uri}
  63. 63. How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri} acct:chris.messina@gmail.com
  64. 64. How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri} acct:chris.messina@gmail.com
  65. 65. How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
  66. 66. How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
  67. 67. How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
  68. 68. How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
  69. 69. How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
  70. 70. How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
  71. 71. How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
  72. 72. Putting it together Making OpenID easier using an email address Enter email: Email Connect Lookup
  73. 73. Putting it together Making OpenID easier using an email address Enter email: Email Connect
  74. 74. Putting it together Making OpenID easier using an email address Enter email: chris.messina@gmail.com Connect
  75. 75. Putting it together Making OpenID easier using an email address Enter email: chris.messina@gmail.com Connect
  76. 76. Putting it together Making OpenID easier using an email address Signed in as: Chris Messina 
  77. 77. Putting it together Making OpenID easier using an email address Signed in as: Chris Messina 
  78. 78. Connect
  79. 79. The anatomy of connect ...according to David Recordon 95 Source O’Reilly Radar.
  80. 80. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) 95 Source O’Reilly Radar.
  81. 81. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) 95 Source O’Reilly Radar.
  82. 82. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) 95 Source O’Reilly Radar.
  83. 83. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) • Activity (poked, bought, shared, blogged) 95 Source O’Reilly Radar.
  84. 84. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) • Activity (poked, bought, shared, blogged) • Goal: Discovery of new people and content 95 Source O’Reilly Radar.
  85. 85. Connect
  86. 86. Agenda • The Value • The Technology • The Future • Breakouts

×