• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Spec Update - OpenID Retail Summit at PayPal

Spec Update - OpenID Retail Summit at PayPal






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds


Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Spec Update - OpenID Retail Summit at PayPal Spec Update - OpenID Retail Summit at PayPal Presentation Transcript

    • OpenID Specification Work Update
      OpenID Retail Summit – March 8, 2011
      Mike Jones – Microsoft
    • Spec Work Ongoing
      Existing OpenID 2.0 specifications in use now
      Already work fine for many use cases
      Active working occurring to extend specifications for new use cases
      Mobile phones and other limited platforms
      “Facebook Connect” style functionality for easy registration
      Easier deployment than OpenID 2.0
    • Working Group
      Spec work occurring in “Artifact Binding” working group
      Incorporates submissions to former “Connect” working group
      Merger sometimes called “OpenID ABC”
      Almost certainly not final branding!
      OpenID specs developed via an open process
      All free to participate
    • WG Participants
      Key working group participants:
      Nat Sakimura – Nippon Research Institute – Japan
      John Bradley – Independent – Chile
      Breno de Medeiros – Google – US
      Paul Tarjan – Facebook – US
      Axel Nennker – Deutsche Telekom – Germany
      Kick Willemse – Independent – Netherlands
      Tony Nadalin – Microsoft – US
      Mike Jones – Microsoft – US
      By no means an exhaustive list!
    • New Spec Building Blocks
      Build on OAuth 2.0
      Use JavaScript Object Notation (JSON)
      JSON Web Token (JWT) claims representation
      Goal: Easy implementation on all modern web platforms
    • Spec Structure
      OpenID AB spec contains in two parts
      Core – abstract specification
      Binding – OAuth 2 based binding
      JSON Web Token (JWT) spec with signing
      Next version will add encryption
      Other specs like UMA are looking to adopt it
      Discovery a separate spec
      Will refer to OAuth 2.0 specs once finished
    • Spec Progress
      Current status
      Core – 70% done
      Bindings – 75% done (pending OAuth 2.0 completion)
      Discovery – 80% (working from SWD)
      JWT – 90% done for tokens and signature
      Encryption remains to be specified
      OAuth 2.0 – 95%
      Target: Complete drafts by Internet Identity Workshop (IIW) in May
    • Implementation Status
      OpenID ABC
      Demo version of core and artifact binding available in PHP (BitBucket)
      Code needs updates for current JWT and yesterday’s spec results
      JSON Web Token (JWT)
      Implementations for Java, PHP, Python, Ruby, .NET
    • ABC Capabilities
      Artifact Binding
      UserInfo Endpoint
      Simple RPs
      Higher LoA
      Session Management
      Unregistered Clients
      OAuth 2 Integration
      Use of JWTs
      Single Logout
    • Open Spec Issues
      Kinds of identifiers are supported
      Harmonization with OAuth 2
      Permissioning distributed attribute providers
      Claims specification and integration
      Trust metadata formats and transports
    • Identifiers
      Need to define the supported formats and normalization rules
      E-mail Address
      http/https URL
      Phone Number?
    • Use of Summits
      May IIW : Review drafts, make remaining decisions
      Munich:  Brief participants on progress, specs - gather input
      Tokyo:  Test implementations; learn from implementation and deployment experiences
      Colorado:  Interop work – potentially in cooperation with OSIS
      London:  Brief participants on progress, specs - gather input
      Nov IIW:  Spec refinement and/or finalization
    • Discussion & Resources
      Artifact Binding Working Group Wiki Page
      Artifact Binding Mailing List
      My blog: