SlideShare a Scribd company logo

Spec Update - OpenID Retail Summit at PayPal

Download as PPTX, PDF
Ashish Jain
Ashish Jain
TechnologyBusiness
1 of 13
OpenID Specification Work Update OpenID Retail Summit – March 8, 2011 Mike Jones – Microsoft
Spec Work Ongoing Existing OpenID 2.0 specifications in use now Already work fine for many use cases Active working occurring to extend specifications for new use cases Mobile phones and other limited platforms “Facebook Connect” style functionality for easy registration Easier deployment than OpenID 2.0
Working Group Spec work occurring in “Artifact Binding” working group Incorporates submissions to former “Connect” working group Merger sometimes called “OpenID ABC” Almost certainly not final branding! OpenID specs developed via an open process All free to participate
WG Participants Key working group participants: Nat Sakimura – Nippon Research Institute – Japan John Bradley – Independent – Chile Breno de Medeiros – Google – US Paul Tarjan – Facebook – US Axel Nennker – Deutsche Telekom – Germany Kick Willemse – Independent – Netherlands Tony Nadalin – Microsoft – US Mike Jones – Microsoft – US By no means an exhaustive list!
New Spec Building Blocks Build on OAuth 2.0 Use JavaScript Object Notation (JSON) JSON Web Token (JWT) claims representation Goal: Easy implementation on all modern web platforms
Spec Structure OpenID AB spec contains in two parts Core – abstract specification Binding – OAuth 2 based binding JSON Web Token (JWT) spec with signing Next version will add encryption Other specs like UMA are looking to adopt it Discovery a separate spec Will refer to OAuth 2.0 specs once finished
Spec Progress Current status Core – 70% done Bindings – 75% done (pending OAuth 2.0 completion) Discovery – 80% (working from SWD) JWT – 90% done for tokens and signature Encryption remains to be specified OAuth 2.0 – 95% Target: Complete drafts by Internet Identity Workshop (IIW) in May
Implementation Status OpenID ABC Demo version of core and artifact binding available in PHP (BitBucket) Code needs updates for current JWT and yesterday’s spec results JSON Web Token (JWT) Implementations for Java, PHP, Python, Ruby, .NET
ABC Capabilities Artifact Binding UserInfo Endpoint Simple RPs Higher LoA Session Management Unregistered Clients OAuth 2 Integration Use of JWTs Single Logout
Open Spec Issues Kinds of identifiers are supported Harmonization with OAuth 2 Permissioning distributed attribute providers Claims specification and integration Trust metadata formats and transports
Identifiers Need to define the supported formats and normalization rules E-mail Address http/https URL Phone Number?
Use of Summits May IIW : Review drafts, make remaining decisions Munich:  Brief participants on progress, specs - gather input Tokyo:  Test implementations; learn from implementation and deployment experiences Colorado:  Interop work – potentially in cooperation with OSIS London:  Brief participants on progress, specs - gather input Nov IIW:  Spec refinement and/or finalization
Discussion & Resources Artifact Binding Working Group Wiki Page http://wiki.openid.net/w/page/12995134/Artifact-Binding Artifact Binding Mailing List http://lists.openid.net/mailman/listinfo/openid-specs-ab My blog: http://self-issued.info/

Recommended

Semantic Search with Infolution - White paper by Ruud van der Pol (Infolution)
Semantic Search with Infolution - White paper by Ruud van der Pol (Infolution)Semantic Search with Infolution - White paper by Ruud van der Pol (Infolution)
Semantic Search with Infolution - White paper by Ruud van der Pol (Infolution)
Infolution bv
 
OpenID Foundation iGov Working Group Update - October 22, 2018
OpenID Foundation iGov Working Group Update - October 22, 2018OpenID Foundation iGov Working Group Update - October 22, 2018
OpenID Foundation iGov Working Group Update - October 22, 2018
OpenIDFoundation
 
Kodak - OpenID Retail Summit at PayPal
Kodak - OpenID Retail Summit at PayPalKodak - OpenID Retail Summit at PayPal
Kodak - OpenID Retail Summit at PayPal
Ashish Jain
 
UsingMiles - OpenID Retail Summit at PayPal
UsingMiles - OpenID Retail Summit at PayPalUsingMiles - OpenID Retail Summit at PayPal
UsingMiles - OpenID Retail Summit at PayPal
Ashish Jain
 
MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013
Ashish Jain
 
Mobile Devices in the Enterprise: What IT needs to know
Mobile Devices in the Enterprise: What IT needs to knowMobile Devices in the Enterprise: What IT needs to know
Mobile Devices in the Enterprise: What IT needs to know
Ashish Jain
 
PayPal OpenID User Experience
PayPal OpenID User ExperiencePayPal OpenID User Experience
PayPal OpenID User Experience
Ashish Jain
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSO
Ashish Jain
 

Recommended

Semantic Search with Infolution - White paper by Ruud van der Pol (Infolution)
Semantic Search with Infolution - White paper by Ruud van der Pol (Infolution)Semantic Search with Infolution - White paper by Ruud van der Pol (Infolution)
Semantic Search with Infolution - White paper by Ruud van der Pol (Infolution)
Infolution bv
 
OpenID Foundation iGov Working Group Update - October 22, 2018
OpenID Foundation iGov Working Group Update - October 22, 2018OpenID Foundation iGov Working Group Update - October 22, 2018
OpenID Foundation iGov Working Group Update - October 22, 2018
OpenIDFoundation
 
Kodak - OpenID Retail Summit at PayPal
Kodak - OpenID Retail Summit at PayPalKodak - OpenID Retail Summit at PayPal
Kodak - OpenID Retail Summit at PayPal
Ashish Jain
 
UsingMiles - OpenID Retail Summit at PayPal
UsingMiles - OpenID Retail Summit at PayPalUsingMiles - OpenID Retail Summit at PayPal
UsingMiles - OpenID Retail Summit at PayPal
Ashish Jain
 
MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013
Ashish Jain
 
Mobile Devices in the Enterprise: What IT needs to know
Mobile Devices in the Enterprise: What IT needs to knowMobile Devices in the Enterprise: What IT needs to know
Mobile Devices in the Enterprise: What IT needs to know
Ashish Jain
 
PayPal OpenID User Experience
PayPal OpenID User ExperiencePayPal OpenID User Experience
PayPal OpenID User Experience
Ashish Jain
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSO
Ashish Jain
 
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group UpdateOpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
MikeLeszcz
 
OpenID Progress EEMA Conference
OpenID Progress EEMA ConferenceOpenID Progress EEMA Conference
OpenID Progress EEMA Conference
evidos
 
Maker of Things - the open IoT cloud for makers chapter.
Maker of Things - the open IoT cloud for makers chapter.Maker of Things - the open IoT cloud for makers chapter.
Maker of Things - the open IoT cloud for makers chapter.
Jollen Chen
 
OpenID Foundation Connect Working Group Update - October 22, 2018
OpenID Foundation Connect Working Group Update - October 22, 2018OpenID Foundation Connect Working Group Update - October 22, 2018
OpenID Foundation Connect Working Group Update - October 22, 2018
OpenIDFoundation
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018
OpenIDFoundation
 
Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011
Nat Sakimura
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007
Jorgen Thelin
 
Microsoft .Net Framework 2 0
Microsoft .Net Framework 2 0Microsoft .Net Framework 2 0
Microsoft .Net Framework 2 0
Acend Corporate Learning
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OpenIDFoundation
 
SachinBC_Resume
SachinBC_ResumeSachinBC_Resume
SachinBC_Resume
Sachin BC
 
Mule tcat server
Mule tcat serverMule tcat server
Mule tcat server
D.Rajesh Kumar
 
Mule anypoint connector
Mule anypoint connectorMule anypoint connector
Mule anypoint connector
D.Rajesh Kumar
 
Mule anypoint connector dev kit
Mule anypoint connector dev kitMule anypoint connector dev kit
Mule anypoint connector dev kit
D.Rajesh Kumar
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSI
Torsten Lodderstedt
 
Resin.io overview (2016 July)
Resin.io overview (2016 July)Resin.io overview (2016 July)
Resin.io overview (2016 July)
Balena
 
FIWARE IoT Proposal & Community
FIWARE IoT Proposal & CommunityFIWARE IoT Proposal & Community
FIWARE IoT Proposal & Community
FIWARE
 
Using Node-RED for building IoT workflows
Using Node-RED for building IoT workflowsUsing Node-RED for building IoT workflows
Using Node-RED for building IoT workflows
Aniruddha Chakrabarti
 
Light-up-your-out-of-the-box LightSwitch Application
Light-up-your-out-of-the-box LightSwitch ApplicationLight-up-your-out-of-the-box LightSwitch Application
Light-up-your-out-of-the-box LightSwitch Application
Boulos Dib
 
jimnresumesse
jimnresumessejimnresumesse
jimnresumesse
Jim Nye
 
The WebKit project (LinuxCon North America 2012)
The WebKit project (LinuxCon North America 2012)The WebKit project (LinuxCon North America 2012)
The WebKit project (LinuxCon North America 2012)
Igalia
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPS
Ashish Jain
 
Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal
Ashish Jain
 

More Related Content

Similar to Spec Update - OpenID Retail Summit at PayPal

Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011
Nat Sakimura
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007
Jorgen Thelin
 
SachinBC_Resume
SachinBC_ResumeSachinBC_Resume
SachinBC_Resume
Sachin BC
 
jimnresumesse
jimnresumessejimnresumesse
jimnresumesse
Jim Nye
 
The WebKit project (LinuxCon North America 2012)
The WebKit project (LinuxCon North America 2012)The WebKit project (LinuxCon North America 2012)
The WebKit project (LinuxCon North America 2012)
Igalia
 

Similar to Spec Update - OpenID Retail Summit at PayPal (20)

OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group UpdateOpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
 
OpenID Progress EEMA Conference
OpenID Progress EEMA ConferenceOpenID Progress EEMA Conference
OpenID Progress EEMA Conference
 
Maker of Things - the open IoT cloud for makers chapter.
Maker of Things - the open IoT cloud for makers chapter.Maker of Things - the open IoT cloud for makers chapter.
Maker of Things - the open IoT cloud for makers chapter.
 
OpenID Foundation Connect Working Group Update - October 22, 2018
OpenID Foundation Connect Working Group Update - October 22, 2018OpenID Foundation Connect Working Group Update - October 22, 2018
OpenID Foundation Connect Working Group Update - October 22, 2018
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018
 
Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011Open id specifications_work_update-tokyo_2011
Open id specifications_work_update-tokyo_2011
 
WS-* Specifications Update 2007
WS-* Specifications Update 2007WS-* Specifications Update 2007
WS-* Specifications Update 2007
 
Microsoft .Net Framework 2 0
Microsoft .Net Framework 2 0Microsoft .Net Framework 2 0
Microsoft .Net Framework 2 0
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
 
SachinBC_Resume
SachinBC_ResumeSachinBC_Resume
SachinBC_Resume
 
Mule tcat server
Mule tcat serverMule tcat server
Mule tcat server
 
Mule anypoint connector
Mule anypoint connectorMule anypoint connector
Mule anypoint connector
 
Mule anypoint connector dev kit
Mule anypoint connector dev kitMule anypoint connector dev kit
Mule anypoint connector dev kit
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSI
 
Resin.io overview (2016 July)
Resin.io overview (2016 July)Resin.io overview (2016 July)
Resin.io overview (2016 July)
 
FIWARE IoT Proposal & Community
FIWARE IoT Proposal & CommunityFIWARE IoT Proposal & Community
FIWARE IoT Proposal & Community
 
Using Node-RED for building IoT workflows
Using Node-RED for building IoT workflowsUsing Node-RED for building IoT workflows
Using Node-RED for building IoT workflows
 
Light-up-your-out-of-the-box LightSwitch Application
Light-up-your-out-of-the-box LightSwitch ApplicationLight-up-your-out-of-the-box LightSwitch Application
Light-up-your-out-of-the-box LightSwitch Application
 
jimnresumesse
jimnresumessejimnresumesse
jimnresumesse
 
The WebKit project (LinuxCon North America 2012)
The WebKit project (LinuxCon North America 2012)The WebKit project (LinuxCon North America 2012)
The WebKit project (LinuxCon North America 2012)
 

More from Ashish Jain

Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal
Ashish Jain
 
eBay - OpenID Retail Summit at PayPal
eBay - OpenID Retail Summit at PayPaleBay - OpenID Retail Summit at PayPal
eBay - OpenID Retail Summit at PayPal
Ashish Jain
 

More from Ashish Jain (11)

Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPS
 
Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal
 
eBay - OpenID Retail Summit at PayPal
eBay - OpenID Retail Summit at PayPaleBay - OpenID Retail Summit at PayPal
eBay - OpenID Retail Summit at PayPal
 
OpenID Retail Summit at PayPal - PayPal Identity
OpenID Retail Summit at PayPal - PayPal IdentityOpenID Retail Summit at PayPal - PayPal Identity
OpenID Retail Summit at PayPal - PayPal Identity
 
PayPal Identity Services - Innovate 2010
PayPal Identity Services - Innovate 2010PayPal Identity Services - Innovate 2010
PayPal Identity Services - Innovate 2010
 
Open Id Summit
Open Id SummitOpen Id Summit
Open Id Summit
 
Say no to Bottled water
Say no to Bottled waterSay no to Bottled water
Say no to Bottled water
 
Open ID Security Issues
Open ID Security IssuesOpen ID Security Issues
Open ID Security Issues
 
Consumer Privacy
Consumer PrivacyConsumer Privacy
Consumer Privacy
 
Identity Enabling Web Services
Identity Enabling Web ServicesIdentity Enabling Web Services
Identity Enabling Web Services
 
Concordia
ConcordiaConcordia
Concordia
 

Recently uploaded

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Spec Update - OpenID Retail Summit at PayPal

  • 1. OpenID Specification Work Update OpenID Retail Summit – March 8, 2011 Mike Jones – Microsoft
  • 2. Spec Work Ongoing Existing OpenID 2.0 specifications in use now Already work fine for many use cases Active working occurring to extend specifications for new use cases Mobile phones and other limited platforms “Facebook Connect” style functionality for easy registration Easier deployment than OpenID 2.0
  • 3. Working Group Spec work occurring in “Artifact Binding” working group Incorporates submissions to former “Connect” working group Merger sometimes called “OpenID ABC” Almost certainly not final branding! OpenID specs developed via an open process All free to participate
  • 4. WG Participants Key working group participants: Nat Sakimura – Nippon Research Institute – Japan John Bradley – Independent – Chile Breno de Medeiros – Google – US Paul Tarjan – Facebook – US Axel Nennker – Deutsche Telekom – Germany Kick Willemse – Independent – Netherlands Tony Nadalin – Microsoft – US Mike Jones – Microsoft – US By no means an exhaustive list!
  • 5. New Spec Building Blocks Build on OAuth 2.0 Use JavaScript Object Notation (JSON) JSON Web Token (JWT) claims representation Goal: Easy implementation on all modern web platforms
  • 6. Spec Structure OpenID AB spec contains in two parts Core – abstract specification Binding – OAuth 2 based binding JSON Web Token (JWT) spec with signing Next version will add encryption Other specs like UMA are looking to adopt it Discovery a separate spec Will refer to OAuth 2.0 specs once finished
  • 7. Spec Progress Current status Core – 70% done Bindings – 75% done (pending OAuth 2.0 completion) Discovery – 80% (working from SWD) JWT – 90% done for tokens and signature Encryption remains to be specified OAuth 2.0 – 95% Target: Complete drafts by Internet Identity Workshop (IIW) in May
  • 8. Implementation Status OpenID ABC Demo version of core and artifact binding available in PHP (BitBucket) Code needs updates for current JWT and yesterday’s spec results JSON Web Token (JWT) Implementations for Java, PHP, Python, Ruby, .NET
  • 9. ABC Capabilities Artifact Binding UserInfo Endpoint Simple RPs Higher LoA Session Management Unregistered Clients OAuth 2 Integration Use of JWTs Single Logout
  • 10. Open Spec Issues Kinds of identifiers are supported Harmonization with OAuth 2 Permissioning distributed attribute providers Claims specification and integration Trust metadata formats and transports
  • 11. Identifiers Need to define the supported formats and normalization rules E-mail Address http/https URL Phone Number?
  • 12. Use of Summits May IIW : Review drafts, make remaining decisions Munich:  Brief participants on progress, specs - gather input Tokyo:  Test implementations; learn from implementation and deployment experiences Colorado:  Interop work – potentially in cooperation with OSIS London:  Brief participants on progress, specs - gather input Nov IIW:  Spec refinement and/or finalization
  • 13. Discussion & Resources Artifact Binding Working Group Wiki Page http://wiki.openid.net/w/page/12995134/Artifact-Binding Artifact Binding Mailing List http://lists.openid.net/mailman/listinfo/openid-specs-ab My blog: http://self-issued.info/