Open Id

1. What It Is How It Works Why You Should Care Scott Leslie WCET/BCcampus November 7, 2007

2. What is OpenID? <ul><li>“ De-centralised Single Sign-on for the Web which puts individuals in charge” 1 </li></ul><ul><li>“ OpenID eliminates the need for multiple usernames across different websites” 2 </li></ul><ul><li>1 Powell and Recordon, “OpenID: Decentralised Single Sign-on for the Web,” http://www.ariadne.ac.uk/issue51/powell-recordon/ Last Viewed: Oct 30, 2007. </li></ul><ul><li>2 OpenID “What is OpenID” http://openid.net/what/ Last Viewed: Oct 30, 2007 </li></ul>

3. Say what?

4. Let’s try a demo instead… <ul><li>http://blog.dataunbound.com/ </li></ul><ul><li>http://www.51weeks.com/events/3/presentations/49 </li></ul>

6. Some of OpenID’s benefits <ul><li>Users choose and can control their OpenID provider </li></ul><ul><li>De-centralized - no single server which every OpenID-enabled service or every user must register </li></ul><ul><li>Users authentication credentials are only stored one place </li></ul><ul><li>Usually an easy to remember URL (e.g. edtechpost.myopenid.com) </li></ul>

7. Additional Benefits <ul><li>Uses only standard HTTP(S), does not require any special capabilities of the User-Agent or other client software. </li></ul>

8. What it is Not <ul><li>It does not try to provide trust or distributed authorization solutions </li></ul><ul><li>It will never be a replacement for current on-campus single sign on technologies </li></ul><ul><ul><li>But maybe it will be a compliment </li></ul></ul>

9. http://www.xmlgrrl.com/blog/archives/2007/03/28/the-venn-of-identity/

10. Ok, but why should I care?

11. OpenID Providers <ul><li>9 million users on LiveJournal.com </li></ul><ul><li>AOL - 63 million users got OpenIDs in one fell swoop </li></ul><ul><li>1 million+ smart card based OpenIDs issued in Estonia </li></ul><ul><li>openid.sun.com – 34,000 Sun employee issued an OpenID </li></ul><ul><li>Microsoft intend to integrate OpenID into Cardspace </li></ul>

12. OpenID Consumers <ul><li>Libraries which support it in app development frameworks like Ruby on Rails, Zend PHP, Django Python </li></ul><ul><li>100s of services & apps which support OpenIDs, cf. https://www.myopenid.com/directory and http://openiddirectory.com/ </li></ul>

13. Right, but like I said, why should I care?

14. Avoid Becoming a Technology Ghetto http://www.flickr.com/photos/extraketchup/737480991/

15. Respect Existing Online Identities http://www.flickr.com/photos/jimfrazier/1187369664/

16. Give User Choice to Merge Campus Life and Online Life http://www.flickr.com/photos/re100cyber/1435723666/

17. Where is it going? <ul><li>OpenID 2 - differences? </li></ul><ul><ul><li>Addressing ‘phising’ issue </li></ul></ul><ul><ul><li>Interop with Identity Selectors like Cardspace </li></ul></ul><ul><ul><li>Attribute Exchange Extension </li></ul></ul><ul><ul><li>Works with Yadis </li></ul></ul><ul><ul><li>http://openid.net/specs/openid-authentication-2_0-12.html </li></ul></ul><ul><li>OpenID and SAML </li></ul><ul><li>User Centric Identity Interop tests http://osis.netmesh.org/wiki/I2_Results </li></ul>

18. How Higher Ed can work with OpenID? <ul><li>Become an OpenID provider </li></ul><ul><ul><li>cf. https://login.case.edu/id and https://openid.byu.edu/ </li></ul></ul><ul><ul><li>cf. http://www.ja-sig.org/wiki/display/CASUM/OpenID </li></ul></ul><ul><li>Ask yourself – are there applications we provide which could use OpenID? </li></ul><ul><ul><li>How about when they become alumni ? </li></ul></ul>

19. Further Reading <ul><li>Sam Ruby – “OpenID for non-SuperUsers” </li></ul><ul><ul><li>http://www.intertwingly.net/blog/2007/01/03/OpenID-for-non-SuperUsers </li></ul></ul><ul><li>Powell and Recordon - “OpenID: Decentralised Single Sign-on for the Web” </li></ul><ul><ul><li>http://www.ariadne.ac.uk/issue51/powell-recordon/ </li></ul></ul>

20. Thanks <ul><li>Feel free to contact me at </li></ul><ul><ul><li>[email_address] </li></ul></ul>