2. quot;Its definitely time to declare quot;OpenID is a protocol made
OpenID a winnerquot; for the public, by the public.
TechCrunch No one owns or controls your
login information:You do.quot;
37signals
quot;...sees great potential for OpenID's use
alongside enterprise-ready software
infrastructurequot;
Sun Microsystems
quot;taking the world by stormquot;
quot;this high profile announcement marks
Tim O'Reilly
the importance of single sign on identity
technology to the future of the Internetquot;
ReadWriteWeb
3. What is OpenID?
• Single sign-on for the web
• Simple and light-weight
(not going to replace your bank card pin)
• Easy to use and deploy
• Built upon proven existing technologies
(DNS, HTTP, SSL/TLS, Diffie-Hellman)
• Decentralized
(you don't have to ask anyone permission to implement it)
• Free!
4. An OpenID is a URI
• URLs are globally unique
and ubiquitous
• OpenID allows proving
ownership of an URI
• People already have
identity at URLs via
blogs, photos, MySpace,
FaceBook, etc
• People already describe
relationships via URLs
(e.g. links to my friends)
28. Total Relying Parties (aka places you can login with OpenID)
6,000
4,500
3,000
1,500
0
ov
b
ay
ly
'06
ar
ne
ov
ay
ly
'05
ct
ec
r
g
ne
p
ec
'07
b
ct
ar
r
st
22
Ap
Ap
Au
Fe
Se
Fe
Ju
Ju
gu
O
O
M
M
M
M
D
D
Ju
Ju
N
N
p
p
Jan
Jan
Au
Se
Se
OpenID 1.1 - As viewed by MyOpenID.com
29. quot;So that's great there
are so many blogs, but
what about something
real?quot;
33. Offer all employees
OpenIDs; open source
Enterprise SSO and
identity manager with
LDAP and OpenID
Internal SSO for bug
trackers and wikis
OpenID Provider with
plans to ship in enterprise
products this year
Shared OpenID Provider
for their businesses and
partners
Project management,
CRM, and billing for small
businesses
50. IE Team has posted a job
ad mentioning quot;OpenIDquot;
quot;Does the idea of redefining the role of the Internet browser appeal to you?
Do the terms HTTP, RSS, Microformats, and OpenID, excite you? If so, then
this just might be the opportunity for you.quot;
55. Final Specifications
• OpenID Authentication 1.1
• What most people think of for OpenID
• What I’m mainly talking about today
• Very simple
• OpenID Simple Registration Extension
• Exchange basic profile data
• Keep the user in charge
56. OpenID Authentication 2.0
• Cleans up the 1.1 specification
• Adds a few useful features
• Robust extensibility
• Enhanced service discovery
• quot;Directed identityquot;
• XRI
• About six independent library
implementations of final draft
57. Attribute Exchange
• Flexible framework for exchange rich
profile attributes
• Keeps the user in charge
• Allows updating data in a distributed
fashion
58. PAPE
• Communicate details about how the user
authenticated
• High-level policies such as “phishing
resistant” or “multi-factor”
• Increasingly important with higher value
OpenID transactions
59. Lots Easy of Code
• Libraries in C#, C++, Java, Perl, Python,
Ruby, PHP, and ColdFusion
• Can have something working within a
weekend
• Need to think a bit about security and
usability