Spec Update - OpenID Retail Summit at PayPal
Upcoming SlideShare
Loading in...5
×
 

Spec Update - OpenID Retail Summit at PayPal

on

  • 1,052 views

 

Statistics

Views

Total Views
1,052
Views on SlideShare
1,052
Embed Views
0

Actions

Likes
0
Downloads
5
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Spec Update - OpenID Retail Summit at PayPal Spec Update - OpenID Retail Summit at PayPal Presentation Transcript

  • OpenID Specification Work Update
    OpenID Retail Summit – March 8, 2011
    Mike Jones – Microsoft
  • Spec Work Ongoing
    Existing OpenID 2.0 specifications in use now
    Already work fine for many use cases
    Active working occurring to extend specifications for new use cases
    Mobile phones and other limited platforms
    “Facebook Connect” style functionality for easy registration
    Easier deployment than OpenID 2.0
  • Working Group
    Spec work occurring in “Artifact Binding” working group
    Incorporates submissions to former “Connect” working group
    Merger sometimes called “OpenID ABC”
    Almost certainly not final branding!
    OpenID specs developed via an open process
    All free to participate
  • WG Participants
    Key working group participants:
    Nat Sakimura – Nippon Research Institute – Japan
    John Bradley – Independent – Chile
    Breno de Medeiros – Google – US
    Paul Tarjan – Facebook – US
    Axel Nennker – Deutsche Telekom – Germany
    Kick Willemse – Independent – Netherlands
    Tony Nadalin – Microsoft – US
    Mike Jones – Microsoft – US
    By no means an exhaustive list!
  • New Spec Building Blocks
    Build on OAuth 2.0
    Use JavaScript Object Notation (JSON)
    JSON Web Token (JWT) claims representation
    Goal: Easy implementation on all modern web platforms
  • Spec Structure
    OpenID AB spec contains in two parts
    Core – abstract specification
    Binding – OAuth 2 based binding
    JSON Web Token (JWT) spec with signing
    Next version will add encryption
    Other specs like UMA are looking to adopt it
    Discovery a separate spec
    Will refer to OAuth 2.0 specs once finished
  • Spec Progress
    Current status
    Core – 70% done
    Bindings – 75% done (pending OAuth 2.0 completion)
    Discovery – 80% (working from SWD)
    JWT – 90% done for tokens and signature
    Encryption remains to be specified
    OAuth 2.0 – 95%
    Target: Complete drafts by Internet Identity Workshop (IIW) in May
  • Implementation Status
    OpenID ABC
    Demo version of core and artifact binding available in PHP (BitBucket)
    Code needs updates for current JWT and yesterday’s spec results
    JSON Web Token (JWT)
    Implementations for Java, PHP, Python, Ruby, .NET
  • ABC Capabilities
    Artifact Binding
    UserInfo Endpoint
    Simple RPs
    Higher LoA
    Session Management
    Unregistered Clients
    OAuth 2 Integration
    Use of JWTs
    Single Logout
  • Open Spec Issues
    Kinds of identifiers are supported
    Harmonization with OAuth 2
    Permissioning distributed attribute providers
    Claims specification and integration
    Trust metadata formats and transports
  • Identifiers
    Need to define the supported formats and normalization rules
    E-mail Address
    http/https URL
    Phone Number?
  • Use of Summits
    May IIW : Review drafts, make remaining decisions
    Munich:  Brief participants on progress, specs - gather input
    Tokyo:  Test implementations; learn from implementation and deployment experiences
    Colorado:  Interop work – potentially in cooperation with OSIS
    London:  Brief participants on progress, specs - gather input
    Nov IIW:  Spec refinement and/or finalization
  • Discussion & Resources
    Artifact Binding Working Group Wiki Page
    http://wiki.openid.net/w/page/12995134/Artifact-Binding
    Artifact Binding Mailing List
    http://lists.openid.net/mailman/listinfo/openid-specs-ab
    My blog:
    http://self-issued.info/