Your SlideShare is downloading. ×
Openid & Oauth: An Introduction
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Openid & Oauth: An Introduction

10,907
views

Published on

Open Standards for Authentication and Authorization (An introduction). …

Open Standards for Authentication and Authorization (An introduction).

This presentation was originally given for about 80 developers at an internal tech day.

Published in: Technology, Design

2 Comments
11 Likes
Statistics
Notes
No Downloads
Views
Total Views
10,907
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
259
Comments
2
Likes
11
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Transcript

    • 1. OpenID & Oauth Open Standards for Authentication and Authorization (An introduction)
    • 2. The Open Web
      • Unencumbered, Cross-Platform Standards
      • Open Source / Free Software Implementations
      • No Single-Vendor "Lock-In”
      • Distributed Extensibility
      http://developer.mozilla.org/presentations/sxsw2007/the_open_web/
    • 3. OpenID is…
      • Lightweight
      • Distributed
      • User-Centric (not Site-Centric)
    • 4. OpenID is also…
      • Built on web standards
      • DNS/HTTP/SSL
      • Diffie-Hellman (PKI)
    • 5. History
      • 2005: Developed by Brad Fitzpatrick, Creator of LiveJournal
      • 2006: Delegation, XRI support, extensions: OpenID 2.0
      • 2007: OpenID Foundation
      • 2008: More than 13,000 Consuming Sites
      http://en.wikipedia.org/wiki/OpenID#History
    • 6. OpenID In The Wild
    • 7. A Solution For…
      • Maintaining Usernames
      • Password Overload (insecurity)
      • Site-centric Identity
    • 8. Basics
      • An OpenID is a URL
        • http://redmonk.net
      • Provider
        • http://myopenid.com
      • Relying Parties
      • Delegation
        • http://redmonk.myopenid.com
    • 9. The Dance (Conversation)
    • 10. DEMO
      • LiveJournal User
      • Ma.gnolia
      • One-Time Authentication
      • Persistent Authentication
    • 11. The “Open” in OpenID
      • Delegation support is required
      • <link rel=“openid.delegate” />
      • Multiple accounts, multiple Providers
      • No Lock-in
    • 12. Q & A
    • 13. Oauth is…
      • “ OAuth is like a valet key for all your web services .  A valet key lets you give a valet the ability to park your car, but not the ability to get into the trunk or drive more than 2 miles or redline the RPMs on your high end German automobile.  In the same way, an OAuth key lets you give a web agent the ability to check your web mail but NOT the ability to pretend to be you and send mail to everybody in your address book.”
      • http://journals.aol.com/panzerjohn/abstractioneer/entries/2007/09/21/oauth-your-valet-key-for-the-web/1550
    • 14. Authentication
      • Similar to:
      • AuthSub (Google)
      • BBAuth (Yahoo)
      • Flickr Auth
      • OpenAuth (AOL)
    • 15. API Level
      • Application To Application
      • “ Agency”
    • 16. Basics
      • User
      • Service Provider
      • Consumer
      • Protected Resources
      • Tokens
      http://oauth.net/documentation/getting-started
    • 17. The Dance (Conversation)
      • (Developed from: http:// oauth.net/core/diagram.png )
    • 18. Who’s Supporting Oauth?
      • Google
      • FireEagle (Yahoo)
      • Ma.gnolia
      • Amazon
      • Flickr
      • Digg
      • And more…
    • 19. Q & A
    • 20. Sources
      • http://www.slideshare.net/daveman692/open-id-overview-seoul-july-2007
      • http://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
      • http://en.wikipedia.org/wiki/OpenID#History
      • http://wiki.openid.net/
      • http://openid.net
      • http://oauth.net
      • http://journals.aol.com/panzerjohn/abstractioneer/entries/2007/09/21/oauth-your-valet-key-for-the-web/1550
      • http://oauth.net/core/diagram.png
      • http://www.slideshare.net/leahculver/oauth-open-api-authentication
      • http://www.slideshare.net/daveman692/open-platforms-in-web-20
    • 21. Your Host
      • Steve Ivy
      • [email_address]
      • Open Standards, Open Source Agitator
      • http://redmonk.net/
    • 22.