Upload
james-walker
View
6.395
Download
0
Embed Size (px)
DESCRIPTION
Citation preview
supported in core...
now what?
questions?
answers!
explanation
what is OpenID?
“OpenID is an open, decentralized, free
framework for user-centric digital
identity.”
“OpenID is an open, decentralized, free
framework for user-centric digital identity.”
what is identity?
who you are
who am I?
“walkah”
James Ransom Walker
yes... “Ransom”
July 10, 1977
29
30
over 19
over 21
over 25
under 65
who you are
how does it work?
Who is involved?
• Users - OpenID Identifier
• Relying Party (RP) - aka “consumer”
• Wants your information
• OpenID Provider (OP) - aka “ID provider”
• Has your information
User provides identity (URL) to Relying Party
Relying Party performs discovery
Re-directs to OpenID Provider
... with choices
User authenticates
User receives signedauthentication response
Redirected to RP
Relying party verifies this
response
access granted!
what’s the point?
too many usernames &
passwords
single sign-on
registration headaches
real world
photo ID
what is an OpenID identifier?
not an account
URL
globally unique
identifier
... like your passport number
isn’t that a bad idea?
what if someone steals my identity!?
“OpenID is an open, decentralized, free
framework for user-centric digital
identity.”
choice of:OpenID Provider
get a couple!
multiple personas
choice of: authentication
method
choice of:released data
(including not presenting ID)
user decides
where do i get one?
how do i use it?
is it secure?
you don’t give your credentials to
anyone but your OpenID provider
(unlike drupal.module)
what’s next?
OpenID provider
DRUPAL-4-7--2
5 & 6 soon!
in core?
attribute exchange
key-value pairs
keys are URLs
(also globally unique)
not necessarily from your provider
cached by your provider
can be digitally signed by attribute
provider
we can achieve true digital identity
more questions?