2007 Barcelona Drupalcon: OpenID

4,516 views
4,441 views

Published on

Published in: Technology, Business
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,516
On SlideShare
0
From Embeds
0
Number of Embeds
45
Actions
Shares
0
Downloads
112
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

2007 Barcelona Drupalcon: OpenID

  1. 1. supported in core...
  2. 2. now what?
  3. 3. questions?
  4. 4. answers!
  5. 5. explanation
  6. 6. what is OpenID?
  7. 7. “OpenID is an open, decentralized, free framework for user- centric digital identity.”
  8. 8. “OpenID is an open, decentralized, free framework for user- centric digital identity.”
  9. 9. what is identity?
  10. 10. who you are
  11. 11. who am I?
  12. 12. “walkah”
  13. 13. James Ransom Walker
  14. 14. yes... “Ransom”
  15. 15. July 10, 1977
  16. 16. 29
  17. 17. 30
  18. 18. over 19
  19. 19. over 21
  20. 20. over 25
  21. 21. under 65
  22. 22. who you are
  23. 23. how does it work?
  24. 24. Who is involved? • Users - OpenID Identifier • Relying Party (RP) - aka “consumer” • Wants your information • OpenID Provider (OP) - aka “ID provider” • Has your information
  25. 25. User provides identity (URL) to Relying Party
  26. 26. Relying Party performs discovery
  27. 27. Re-directs to OpenID Provider
  28. 28. ... with choices
  29. 29. User authenticates
  30. 30. User receives signed authentication response
  31. 31. Redirected to RP
  32. 32. Relying party verifies this response
  33. 33. access granted!
  34. 34. what’s the point?
  35. 35. too many usernames & passwords
  36. 36. single sign-on
  37. 37. registration headaches
  38. 38. real world
  39. 39. photo ID
  40. 40. what is an OpenID identifier?
  41. 41. not an account
  42. 42. URL
  43. 43. globally unique
  44. 44. identifier
  45. 45. ... like your passport number
  46. 46. isn’t that a bad idea?
  47. 47. what if someone steals my identity!?
  48. 48. “OpenID is an open, decentralized, free framework for user- centric digital identity.”
  49. 49. choice of: OpenID Provider
  50. 50. get a couple!
  51. 51. multiple personas
  52. 52. choice of: authentication method
  53. 53. choice of: released data
  54. 54. (including not presenting ID)
  55. 55. user decides
  56. 56. where do i get one?
  57. 57. how do i use it?
  58. 58. is it secure?
  59. 59. you don’t give your credentials to anyone but your OpenID provider
  60. 60. (unlike drupal.module)
  61. 61. what’s next?
  62. 62. OpenID provider
  63. 63. DRUPAL-4-7--2
  64. 64. 5 & 6 soon!
  65. 65. in core?
  66. 66. attribute exchange
  67. 67. key-value pairs
  68. 68. keys are URLs
  69. 69. (also globally unique)
  70. 70. http://pants.com/pants/status => off
  71. 71. not necessarily from your provider
  72. 72. cached by your provider
  73. 73. can be digitally signed by attribute provider
  74. 74. we can achieve true digital identity
  75. 75. more questions?

×