What is it ... and what does it mean to me? David Orrell [email_address]   9 Aug 2007
What's this about? <ul><ul><li>Learn about what OpenID is. </li></ul></ul><ul><ul><li>See how web identity systems are cha...
What is OpenID? <ul><ul><li>“OpenID is an open, decentralized, free framework for user-centric digital identity.” </li></u...
What is an OpenID? <ul><ul><li>http://dno.myopenid.com   </li></ul></ul><ul><ul><li>or </li></ul></ul><ul><ul><li>http://o...
<ul><ul><li>An OpenID is itself a web entity. </li></ul></ul>
<ul><ul><li>An OpenID is itself a web entity. </li></ul></ul><ul><ul><li>It's an identity system using Web technologies. <...
<ul><ul><li>An OpenID is itself a web entity. </li></ul></ul><ul><ul><li>It's an identity system using Web technologies. <...
<ul><ul><li>An OpenID is itself a web entity. </li></ul></ul><ul><ul><li>It's an identity system using Web technologies. <...
 
 
 
 
 
Open and Decentralised <ul><ul><li>The 3 key qualities... </li></ul></ul>
<ul><ul><li>(1) No one provider holds key to the OpenID network. </li></ul></ul><ul><ul><li>A sustainable foundation to th...
<ul><ul><li>(2) Pervasively Open Source. </li></ul></ul><ul><ul><li>Providers don't have to worry about technology and ven...
<ul><ul><li>(3) Light-weight enough to be 'layered' with other technologies. </li></ul></ul>Open and Decentralised
What's in an OpenID? <ul><ul><li>http:// dno.myopenid.com </li></ul></ul>me my identity provider
<ul><li>Why users should care... </li></ul>
<ul><ul><li>A user can  choose  who holds their identity. </li></ul></ul>
<ul><ul><li>http://openid.net/wiki/index.php/OpenIDServers </li></ul></ul><ul><ul><li>lists around 60 providers. </li></ul...
<ul><ul><li>Users get single sign on between resources. </li></ul></ul><ul><ul><li>- common username </li></ul></ul><ul><u...
<ul><ul><li>Users get single sign on between resources. </li></ul></ul><ul><ul><li>- common username </li></ul></ul><ul><u...
<ul><ul><li>Users can  easily  register for services. </li></ul></ul><ul><ul><li>OpenID has a 'simple registration extensi...
 
 
 
 
 
<ul><ul><li>Easy registration for light-weight purposes, like posting comments on blogs. </li></ul></ul>
<ul><ul><li>Easy registration for light-weight purposes, like posting comments on blogs. </li></ul></ul><ul><ul><li>Better...
<ul><ul><li>Easy registration for light-weight purposes, like posting comments on blogs. </li></ul></ul><ul><ul><li>Better...
<ul><ul><li>Users can choose their identity </li></ul></ul><ul><ul><li>dno.myopenid.com </li></ul></ul><ul><ul><li>I'm not...
<ul><ul><li>Users can choose their identity </li></ul></ul><ul><ul><li>dno.myopenid.com </li></ul></ul><ul><ul><li>I'm not...
OK, this sounds great, but...
A  URL  as an identity? <ul><ul><li>Isn't a URL a counter-intuitive form of identity? </li></ul></ul>
A  URL  as an identity? <ul><ul><li>Isn't a URL a counter-intuitive form of identity? </li></ul></ul><ul><ul><li>Perhaps, ...
 
 
<ul><ul><li>A URL can imply more.... </li></ul></ul><ul><ul><li>http://openid.eduserv.org.uk/dno </li></ul></ul>I am an em...
 
<ul><ul><li>In theory, a URL says  much  more... </li></ul></ul>
<ul><ul><li>In theory, a URL says  much  more... </li></ul></ul><ul><ul><li>An OpenID is much richer than a username in wh...
<ul><ul><li>In theory, a URL says  much  more... </li></ul></ul><ul><ul><li>An OpenID is much richer than a username in wh...
 
 
An OpenID is globally unique so could form the basis of decentralised social networks. Add support for microformats... xfn...
 
 
What about privacy? <ul><ul><li>Identity vs Privacy </li></ul></ul>
What about privacy? <ul><ul><li>OpenID does not solve problems around privacy. </li></ul></ul><ul><ul><li>Again, keep in m...
Phishing <ul><ul><li>A 'bad' consumer can easily perform a phishing attack. </li></ul></ul><ul><ul><li>OpenID does not nec...
 
Set you identity provider as your homepage or a bookmark and sign in first.
Verisign PIP SeatBelt Firefox extension Firefox 3 to have 'OpenID support'
 
 
 
 
 
Trust! <ul><ul><li>2 schools of thought.... </li></ul></ul><ul><ul><li>(though not necessarily mutually exclusive) </li></...
(1) <ul><ul><li>OpenID is what is it  because  it doesn't do trust. </li></ul></ul>
(1) <ul><ul><li>OpenID is what is it  because  it doesn't do trust. </li></ul></ul><ul><ul><li>Consumers and identity prov...
(1) <ul><ul><li>OpenID is what is it  because  it doesn't do trust. </li></ul></ul><ul><ul><li>Consumers and identity prov...
<ul><ul><li>“This is  not  a trust system. Trust requires identity first.” </li></ul></ul><ul><ul><li>(from OpenID.net) </...
(2) <ul><ul><li>OpenID is simple and is there to be built on. Adding trust is a natural extension. </li></ul></ul>
(2) <ul><ul><li>OpenID is simple and is there to be built on. Adding trust is a natural extension. </li></ul></ul><ul><ul>...
Relations with SAML/Shibboleth <ul><ul><li>Don't they address the same thing! </li></ul></ul>
Relations with SAML/Shibboleth <ul><ul><li>Don't they address the same thing! </li></ul></ul><ul><ul><li>Can co-exist. </l...
Relations with SAML/Shibboleth <ul><ul><li>Don't they address the same thing! </li></ul></ul><ul><ul><li>Can co-exist. </l...
Open Standards and Patents <ul><ul><li>Patents => not so Open? </li></ul></ul>
Open Standards and Patents <ul><ul><li>Patents => not so Open? </li></ul></ul><ul><ul><li>Sun, Verisign and JanRain have a...
So, who's using it? All AOL users have an OpenID (even if they don't know it). 63 million users. All 33 000 Sun employees.
 
digg.com announced support. General theme is that there are more providers than consumers.
http://openid.net (Specifications) http://www.openiddirectory.com/ (Directory of resources)   http://www.openidenabled.com...
Upcoming SlideShare
Loading in …5
×

OpenID - What is it, and what does it mean to me?

4,563 views

Published on

OpenID is a lightweight, decentralised single sign-on mechanism for the Web, developed primarily to meet the needs of the blogging and Web 2.0 communities, but beginning to be of interest in wider contexts such as elearning. This session introduces the concepts of OpenID and explores some of the implications, from an education perspective.

Published in: Technology, Design
3 Comments
6 Likes
Statistics
Notes
No Downloads
Views
Total views
4,563
On SlideShare
0
From Embeds
0
Number of Embeds
43
Actions
Shares
0
Downloads
76
Comments
3
Likes
6
Embeds 0
No embeds

No notes for slide

OpenID - What is it, and what does it mean to me?

  1. 1. What is it ... and what does it mean to me? David Orrell [email_address] 9 Aug 2007
  2. 2. What's this about? <ul><ul><li>Learn about what OpenID is. </li></ul></ul><ul><ul><li>See how web identity systems are changing. </li></ul></ul><ul><ul><li>Hopefully be convinced that it's a good thing! </li></ul></ul>
  3. 3. What is OpenID? <ul><ul><li>“OpenID is an open, decentralized, free framework for user-centric digital identity.” </li></ul></ul><ul><ul><li>(from OpenID.net) </li></ul></ul><ul><ul><li>(...for the Web) </li></ul></ul><ul><ul><li>(...for Web 2.0) </li></ul></ul>
  4. 4. What is an OpenID? <ul><ul><li>http://dno.myopenid.com </li></ul></ul><ul><ul><li>or </li></ul></ul><ul><ul><li>http://openid.eduserv.org.uk/dno </li></ul></ul>
  5. 5. <ul><ul><li>An OpenID is itself a web entity. </li></ul></ul>
  6. 6. <ul><ul><li>An OpenID is itself a web entity. </li></ul></ul><ul><ul><li>It's an identity system using Web technologies. </li></ul></ul>
  7. 7. <ul><ul><li>An OpenID is itself a web entity. </li></ul></ul><ul><ul><li>It's an identity system using Web technologies. </li></ul></ul><ul><ul><li>It's scalable. </li></ul></ul>
  8. 8. <ul><ul><li>An OpenID is itself a web entity. </li></ul></ul><ul><ul><li>It's an identity system using Web technologies. </li></ul></ul><ul><ul><li>It's scalable. </li></ul></ul><ul><ul><li>It's elegant and really simple! </li></ul></ul>
  9. 14. Open and Decentralised <ul><ul><li>The 3 key qualities... </li></ul></ul>
  10. 15. <ul><ul><li>(1) No one provider holds key to the OpenID network. </li></ul></ul><ul><ul><li>A sustainable foundation to the system, with the user in control. </li></ul></ul>Open and Decentralised
  11. 16. <ul><ul><li>(2) Pervasively Open Source. </li></ul></ul><ul><ul><li>Providers don't have to worry about technology and vendor lock-in. </li></ul></ul>Open and Decentralised
  12. 17. <ul><ul><li>(3) Light-weight enough to be 'layered' with other technologies. </li></ul></ul>Open and Decentralised
  13. 18. What's in an OpenID? <ul><ul><li>http:// dno.myopenid.com </li></ul></ul>me my identity provider
  14. 19. <ul><li>Why users should care... </li></ul>
  15. 20. <ul><ul><li>A user can choose who holds their identity. </li></ul></ul>
  16. 21. <ul><ul><li>http://openid.net/wiki/index.php/OpenIDServers </li></ul></ul><ul><ul><li>lists around 60 providers. </li></ul></ul><ul><ul><li>Or your employer, college might provide one. </li></ul></ul><ul><ul><li>Why not run your own? </li></ul></ul>
  17. 22. <ul><ul><li>Users get single sign on between resources. </li></ul></ul><ul><ul><li>- common username </li></ul></ul><ul><ul><li>- common password </li></ul></ul><ul><ul><li>- sign on once </li></ul></ul><ul><ul><li>(or client certificates: MyOpenID / certifi.ca) </li></ul></ul>
  18. 23. <ul><ul><li>Users get single sign on between resources. </li></ul></ul><ul><ul><li>- common username </li></ul></ul><ul><ul><li>- common password </li></ul></ul><ul><ul><li>- sign on once </li></ul></ul><ul><ul><li>(or client certificates: MyOpenID / certifi.ca) </li></ul></ul><ul><ul><li>Their credentials are only stored by their identity provider(s). </li></ul></ul>
  19. 24. <ul><ul><li>Users can easily register for services. </li></ul></ul><ul><ul><li>OpenID has a 'simple registration extension'. </li></ul></ul>
  20. 30. <ul><ul><li>Easy registration for light-weight purposes, like posting comments on blogs. </li></ul></ul>
  21. 31. <ul><ul><li>Easy registration for light-weight purposes, like posting comments on blogs. </li></ul></ul><ul><ul><li>Better than persistent cookies. </li></ul></ul>
  22. 32. <ul><ul><li>Easy registration for light-weight purposes, like posting comments on blogs. </li></ul></ul><ul><ul><li>Better than persistent cookies. </li></ul></ul><ul><ul><li>Can associate an OpenID with an existing account. </li></ul></ul>
  23. 33. <ul><ul><li>Users can choose their identity </li></ul></ul><ul><ul><li>dno.myopenid.com </li></ul></ul><ul><ul><li>I'm not forced to use </li></ul></ul><ul><ul><li>'dno34562' at someconsumer.com and 'dno234' at someotherconumer.com </li></ul></ul>
  24. 34. <ul><ul><li>Users can choose their identity </li></ul></ul><ul><ul><li>dno.myopenid.com </li></ul></ul><ul><ul><li>I'm not forced to use </li></ul></ul><ul><ul><li>'dno34562' at someconsumer.com and 'dno234' at someotherconumer.com </li></ul></ul><ul><ul><li>Even better if I am my identity provider </li></ul></ul>
  25. 35. OK, this sounds great, but...
  26. 36. A URL as an identity? <ul><ul><li>Isn't a URL a counter-intuitive form of identity? </li></ul></ul>
  27. 37. A URL as an identity? <ul><ul><li>Isn't a URL a counter-intuitive form of identity? </li></ul></ul><ul><ul><li>Perhaps, but think of a blog, or MySpace... a URL is very much an identity. </li></ul></ul>
  28. 40. <ul><ul><li>A URL can imply more.... </li></ul></ul><ul><ul><li>http://openid.eduserv.org.uk/dno </li></ul></ul>I am an employee of Eduserv
  29. 42. <ul><ul><li>In theory, a URL says much more... </li></ul></ul>
  30. 43. <ul><ul><li>In theory, a URL says much more... </li></ul></ul><ul><ul><li>An OpenID is much richer than a username in what it can say (or imply) about a user. </li></ul></ul>
  31. 44. <ul><ul><li>In theory, a URL says much more... </li></ul></ul><ul><ul><li>An OpenID is much richer than a username in what it can say (or imply) about a user. </li></ul></ul><ul><ul><li>Can delegate your identity from any URL: eg. your blog. </li></ul></ul>
  32. 47. An OpenID is globally unique so could form the basis of decentralised social networks. Add support for microformats... xfn, hCard, MicroID? Check out... http://microformats.org http://microid.org http://simonwillison.net
  33. 50. What about privacy? <ul><ul><li>Identity vs Privacy </li></ul></ul>
  34. 51. What about privacy? <ul><ul><li>OpenID does not solve problems around privacy. </li></ul></ul><ul><ul><li>Again, keep in mind the context here: Web 2.0, social networks and the blogosphere. </li></ul></ul>
  35. 52. Phishing <ul><ul><li>A 'bad' consumer can easily perform a phishing attack. </li></ul></ul><ul><ul><li>OpenID does not necessarily make things better or worse! </li></ul></ul>
  36. 54. Set you identity provider as your homepage or a bookmark and sign in first.
  37. 55. Verisign PIP SeatBelt Firefox extension Firefox 3 to have 'OpenID support'
  38. 61. Trust! <ul><ul><li>2 schools of thought.... </li></ul></ul><ul><ul><li>(though not necessarily mutually exclusive) </li></ul></ul>
  39. 62. (1) <ul><ul><li>OpenID is what is it because it doesn't do trust. </li></ul></ul>
  40. 63. (1) <ul><ul><li>OpenID is what is it because it doesn't do trust. </li></ul></ul><ul><ul><li>Consumers and identity providers need no prior agreements. </li></ul></ul>
  41. 64. (1) <ul><ul><li>OpenID is what is it because it doesn't do trust. </li></ul></ul><ul><ul><li>Consumers and identity providers need no prior agreements. </li></ul></ul><ul><ul><li>Ad-hoc trust can still be achieved. </li></ul></ul>
  42. 65. <ul><ul><li>“This is not a trust system. Trust requires identity first.” </li></ul></ul><ul><ul><li>(from OpenID.net) </li></ul></ul>
  43. 66. (2) <ul><ul><li>OpenID is simple and is there to be built on. Adding trust is a natural extension. </li></ul></ul>
  44. 67. (2) <ul><ul><li>OpenID is simple and is there to be built on. Adding trust is a natural extension. </li></ul></ul><ul><ul><li>Consumers can white-list 'good' identity providers. </li></ul></ul>
  45. 68. Relations with SAML/Shibboleth <ul><ul><li>Don't they address the same thing! </li></ul></ul>
  46. 69. Relations with SAML/Shibboleth <ul><ul><li>Don't they address the same thing! </li></ul></ul><ul><ul><li>Can co-exist. </li></ul></ul>
  47. 70. Relations with SAML/Shibboleth <ul><ul><li>Don't they address the same thing! </li></ul></ul><ul><ul><li>Can co-exist. </li></ul></ul><ul><ul><li>OpenID comes from a different angle, for different applications and for non-specific user-bases. </li></ul></ul>
  48. 71. Open Standards and Patents <ul><ul><li>Patents => not so Open? </li></ul></ul>
  49. 72. Open Standards and Patents <ul><ul><li>Patents => not so Open? </li></ul></ul><ul><ul><li>Sun, Verisign and JanRain have all issued patent-covenants: patents will not be enforced against implementations of OpenID. </li></ul></ul>
  50. 73. So, who's using it? All AOL users have an OpenID (even if they don't know it). 63 million users. All 33 000 Sun employees.
  51. 75. digg.com announced support. General theme is that there are more providers than consumers.
  52. 76. http://openid.net (Specifications) http://www.openiddirectory.com/ (Directory of resources) http://www.openidenabled.com/ (OpenID implementations) [email_address]

×