2. ~/ $ who am i
ā¢ Frank Louwers - frank@openminds.be
ā¢ Partner in Openminds & Metatale
ā¢ http://frank.be
ā¢ Openminds offers high-quality, high-
performance Internetsolutions
ā¢ Openminds launched the ļ¬rst Belgian
OpenID identity server
5. Quick Poll?
ā¢ Who uses same username / password for
every new account?
ā¢ Who loses usernames / passwords for
some sites?
6. Quick Poll?
ā¢ Who uses same username / password for
every new account?
ā¢ Who loses usernames / passwords for
some sites?
ā¢ Who has a blog?
7. Quick Poll?
ā¢ Who uses same username / password for
every new account?
ā¢ Who loses usernames / passwords for
some sites?
ā¢ Who has a blog?
ā¢ Who has OpenID? (Wordpress.com, AOL,
Typepad,Yahoo!, ...)
9. Morning workļ¬ow
ā¢ Read Mail
ā¢ Read RSS feeds
ā¢ Use company Intranet / wiki
ā¢ Write blogpost
ā¢ Comment on other blogs / wiki
10. Morning workļ¬ow
ā¢ Read Mail needs login
ā¢ Read RSS feeds
ā¢ Use company Intranet / wiki
ā¢ Write blogpost
ā¢ Comment on other blogs / wiki
11. Morning workļ¬ow
ā¢ Read Mail needs login
ā¢ Read RSS feeds needs login
ā¢ Use company Intranet / wiki
ā¢ Write blogpost
ā¢ Comment on other blogs / wiki
12. Morning workļ¬ow
ā¢ Read Mail needs login
ā¢ Read RSS feeds needs login
ā¢ Use company Intranet / wiki needs login
ā¢ Write blogpost
ā¢ Comment on other blogs / wiki
13. Morning workļ¬ow
ā¢ Read Mail needs login
ā¢ Read RSS feeds needs login
ā¢ Use company Intranet / wiki needs login
ā¢ Write blogpost needs login
ā¢ Comment on other blogs / wiki
14. Morning workļ¬ow
ā¢ Read Mail needs login
ā¢ Read RSS feeds needs login
ā¢ Use company Intranet / wiki needs login
ā¢ Write blogpost needs login
ā¢ Comment on other blogs / wiki needs login
19. Lazy solution
ā¢ Same password everywhere
ā¢ Not safe
ā¢ One site compromised, all sites
compromised
ā¢ When your mail-address changes, accounts
lost?
20. Solution: Single Sign On
ā¢ Previous attempts: Microsoft Passport.net
ā¢ Centralised (not everyone trusts MS)
ā¢ Expensive to integrate
ā¢ Not extendable
21. OpenID: KISS
ā¢ De-centralised
ā¢ Open Standards based
ā¢ easy, lightweight protocol
ā¢ providing Single Sign On
ā¢ Based on proven standards (dns and urls)
ā¢ A blog identiļ¬es a person
22. De-centralised
ā¢ You choose one of the many OpenID i-
providers (http://openid.openminds.be)
ā¢ You choose who you trust and why
ā¢ Even set-up your own OpenID server if
you want
ā¢ Itās the only place where your credentials
are stored
24. Login to OpenID sites
ā¢ Enter your OpenID identiļ¬er url as
āusernameā
ā¢ Site contacts your OpenID Server (based
on url)
ā¢ OpenID Server checks if you are logged in
ā¢ OpenID Server passes token to site
25.
26. Only the ļ¬rst time I login to an OpenID site that day.
Next time, only a conļ¬rmation is needed.
28. Wikitravel doesnāt have a local account for this OpenID.
Suggests me to create one. This happens only the ļ¬rst
time. It binds my OpenID (openid.openminds.be/frank) to
this new account.
29. Blog url as OpenID
ā¢ My OpenID: openid.openminds.be/frank
ā¢ My blog: frank.be
ā¢ Solution? Simple HTML tags!
30. Add html headers tags
No other plugins or code needed on your blog!
33. Plugins available for:
ā¢ Blog software (Wordpress, MT,
Mephisto, ...)
ā¢ Wiki software (MediaWiki, DokuWiki, ...)
ā¢ Almost all Web frameworks (Drupal, Ruby
on Rails, Joomla, Django, ...)
34. Add OpenID to your project
ā¢ Lower barrier (users donāt need to create
an account) eg: http://iusethis.com
ā¢ Simpliļ¬es account setup
ā¢ Speciļ¬c hacks
ā¢ AIM integration
ā¢ Company Intranets or wikiās and
Company OpenID
35. Problems?
ā¢ Google isnāt in, and wonāt be in soon
ā¢ Login is slower (browser redirects ...)
ā¢ Vulnerable to Phishing
ā¢ risk actually less than with username /
password logins
ā¢ can be ļ¬xed with plugins (and FF3)
36. Future versions
ā¢ Exchange of more attributes
ā¢ Gravatars?
ā¢ Address (eg for shipping)
ā¢ Language / timezone settings
ā¢ Veriļ¬ed email address or not
ā¢ Security enhancements