OpenID Tutorials
 

    OpenID Tutorials: Presentation Transcript

    • OpenID Tutorial. Naofumi HAIDA from Cirius Technologies.
    • Table of Contents. • Self-Introduction. • What is OpenID? • OpenID 2.0 quick look. • Security Issues. • Other related OpenAPIs.
    • Self-introduction. • Working @Cirius Technologies, Inc. • Architect @Cirius Lab. • Ruby Programmer. • GeoAPIs, Twitwi Twitter, Twittalk etc... • OpenAPIS & Beyond LT • http://docs.google.com/Presentation?id=dgp485h4_561dwgpsrcd
    • Questions. • OpenID ? • RP OpenID ? • OpenID 2.0 ? • XRI ?
    • Authentication ( ) ID Authorization ( ) ID
    • Backgrounds.
    • • Internet Identity Workshop Six Apart Brad Fitzpatrick OpenID (2005.10) • Web OpenID (2007.02) • Blogger OpenID (2007.11) • OpenID Authentication 2.0 & OpenID Attribute Exchange 1.0 (2007.12)
    • • Blogger OpenID IdP (2008.01) • Yahoo OpenID 2.0 IdP (2008.01) • OpenID Foundation Google IBM MS Yahoo! (2008.02) • Six Apart Verisign NRI OpenID Japan Foundation (2008.02)
    • Many Internet users are “End Users” of OpenID now!
    • ~ 360 million OpenIDs.
    • Total Relying Parties Borrowed from David Recordon
    • There are over 11,000 OpenID-enabled sites!
    • What is OpenID for?
    • We use more and more sites!
    • OpenID solves...
    • Too many passwords!
    • My online profile is scattered across many sites!
    • What is an OpenID??
    • http://www.hatena.ne.jp/haida/
    • http://profile.livedoor.com/haida
    • http://haida.livejurnal.com/
    • Is an OpenID a URI? It has changed in OpenID ver 2.0.
    • yahoo.com
    • coderepos.org
    • xri://=haida
    • OpenID: Identity URI Web Authority http://www.slideshare.net/zigorou/openid-20-quick-note/
    • These are not OpenID.
    • Authorization Authentication Delegation Privacy Identity Manager Trust Control Single-Sign-On Distributed SSO
    • Login with OpenID.
    • Input Claimed Identifier @ RP.
    • Authenticate @ OP.
    • Merits & Demerits of OpenID.
    • End User URI
    • Relying Party - - Sun OpenID Sun Sun
    • 2. OpenID 2.0 Quick look.
    • User-Supplied Identifier
    • URL ID ID
    • https://me.yahoo.co.jp/a/X4F0sewBfO6V5S31BLZsyz4BnEx0#fdf84 yahoo.com
    • XRI
    • Identity URI XRI
    • xri://=haida
    • xri xri ID i-name
    • = @
    • xri://@yahoo
    • ※ XRI xri://=haida 12 $/year xri://@mixi 55 $/year
    • Terms around OpenID.
    • identifier http, https URI URI 2.0 URI XRI
    • OpenID Provider: OP Ver 1.1 IdP OpenID
    • OP Identifier OP Identifier
    • Relying Party: RP Consumer OpenID Identifier OP Web Web
    • Claimed Identifier URI OP
    • User-Supplied Identifier RP Claimed Identifier OP Identifier
    • OP-Local Identifier OP Identifier OP Identifier
    • How does authentication work with OpenID ?
    • 1. RP Claimed Identifier HTML 2. openid.server link 3. RP 4. OP 5. OP RP 6. RP
    • How does this work?
    • Discovery with XRDS.
    • OP delegate Identifier OpenID 1.1 HTML OpenID 2.0 XRDS XML
    • Claimed Identifier XRI - XRDS Claimed Identifier URL - HTML x-xrds-location URL - meta http-equiv x-xrds-location URL - Content-type application/xrds+xml XRDS
    • <?xml version="1.0" encoding="UTF-8"?>
      <xrds:XRDS xmlns:xrds="xri://$xrds" xmlns:openid="http://openid.net/xmlns/1.0" xmlns="xri://$xrd*($v*2.0)">
        <XRD>
          <Service priority="0">
            <Type>http://specs.openid.net/auth/2.0/server</Type>
            <URI>http://openid.example.com/auth</URI>
          </Service>
        </XRD>
      </xrds:XRDS>
    • Service Type
    • Security Risks.
    • Phishing.
    • 1. Malicious Consumer OpenID 2. Identifier URI 3. Malicious Consumer OP OP 4. OP OP ID, Password 5. 6. OP
    • Firefox OpenID SeatBelt (by VeriSign) -- OpenID -- Malicious Consumer Malicious Consumer OP -- OP
    • OP nonce trust_root, return_to return_to malicious consumer OP robots.txt OpenID “Identity Page for" site:*.myopenid.com” OP
    • RP for Mobile OP RP for Mobile OpenID ?
    • orz..
    • OpenID Security ! http://wiki.openid.net/Security
    • Reputation Problem OP
    • OP RP AOL OP http://dev.aol.com/node/578
    • OP https Attribute Exchange Provider Authentication Policy Extension
    • OP Reputation OP !
    • Summary • OpenID • OpenID 2.0 User Friendly! • IdP
    • Thank you!
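
The discovery step from the "Discovery with XRDS" slides, as an added example that is not part of the original presentation: a Relying Party locates the XRDS document through the X-XRDS-Location header or meta tag, then picks the OP endpoint by Service Type and priority. The function names are illustrative, and the DOCTYPE rejection and http(s)-only endpoint check are hardening assumptions added here, not taken from the slides.

```python
# Added example; function names are illustrative, not from the slides.
import xml.etree.ElementTree as ET
from html.parser import HTMLParser
from urllib.parse import urlparse

XRD_NS = "{xri://$xrd*($v*2.0)}"
OP_TYPES = ("http://specs.openid.net/auth/2.0/server",  # OP Identifier element
            "http://specs.openid.net/auth/2.0/signon")  # Claimed Identifier element

class _MetaFinder(HTMLParser):
    location = None  # content of <meta http-equiv="X-XRDS-Location">
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("http-equiv") or "").lower() == "x-xrds-location":
            self.location = self.location or a.get("content")

def xrds_location(headers, html=""):
    """Return the XRDS URL announced by an HTTP header or an HTML meta tag."""
    for name, value in headers.items():
        if name.lower() == "x-xrds-location":
            return value
    finder = _MetaFinder()
    finder.feed(html)
    return finder.location

def select_op_endpoint(xrds_xml):
    """Return (service_type, uri) of the highest-priority OpenID 2.0 service."""
    if "<!DOCTYPE" in xrds_xml or "<!ENTITY" in xrds_xml:
        raise ValueError("DTD not allowed in XRDS")  # entity-expansion guard (assumption)
    found = []
    for svc in ET.fromstring(xrds_xml.encode("utf-8")).iter(XRD_NS + "Service"):
        types = [t.text.strip() for t in svc.findall(XRD_NS + "Type") if t.text]
        uri = svc.findtext(XRD_NS + "URI", "").strip()
        match = next((t for t in OP_TYPES if t in types), None)
        # Accept only http(s) endpoints: the RP redirects the user's browser there.
        if match and urlparse(uri).scheme in ("http", "https"):
            prio = svc.get("priority")  # lower number wins; missing priority sorts last
            found.append((int(prio) if prio is not None else float("inf"), match, uri))
    if not found:
        raise ValueError("no usable OpenID 2.0 service in XRDS")
    return min(found, key=lambda c: c[0])[1:]

# Constructed sample, modelled on the XRDS document in the slide.
SAMPLE_XRDS = """<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS xmlns:xrds="xri://$xrds" xmlns="xri://$xrd*($v*2.0)">
  <XRD><Service priority="0">
    <Type>http://specs.openid.net/auth/2.0/server</Type>
    <URI>http://openid.example.com/auth</URI>
  </Service></XRD>
</xrds:XRDS>"""
```

A "server" result means the user typed an OP Identifier, while "signon" means the document describes a Claimed Identifier.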