2007 Barcelona Drupalcon: OpenID
-
Upload
james-walker -
Category
Technology
-
view
6.393 -
download
0
description
Transcript of 2007 Barcelona Drupalcon: OpenID
![Page 1: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/1.jpg)
![Page 2: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/2.jpg)
supported in core...
![Page 3: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/3.jpg)
now what?
![Page 4: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/4.jpg)
questions?
![Page 5: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/5.jpg)
answers!
![Page 6: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/6.jpg)
explanation
![Page 7: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/7.jpg)
what is OpenID?
![Page 8: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/8.jpg)
“OpenID is an open, decentralized, free
framework for user-centric digital
identity.”
![Page 9: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/9.jpg)
“OpenID is an open, decentralized, free
framework for user-centric digital identity.”
![Page 10: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/10.jpg)
what is identity?
![Page 11: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/11.jpg)
who you are
![Page 12: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/12.jpg)
who am I?
![Page 13: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/13.jpg)
![Page 14: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/14.jpg)
“walkah”
![Page 15: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/15.jpg)
James Ransom Walker
![Page 16: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/16.jpg)
yes... “Ransom”
![Page 17: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/17.jpg)
![Page 18: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/18.jpg)
![Page 19: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/19.jpg)
![Page 20: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/20.jpg)
![Page 21: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/21.jpg)
July 10, 1977
![Page 22: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/22.jpg)
29
![Page 23: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/23.jpg)
30
![Page 24: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/24.jpg)
over 19
![Page 25: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/25.jpg)
over 21
![Page 26: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/26.jpg)
over 25
![Page 27: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/27.jpg)
under 65
![Page 28: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/28.jpg)
who you are
![Page 29: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/29.jpg)
how does it work?
![Page 30: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/30.jpg)
Who is involved?
• Users - OpenID Identifier
• Relying Party (RP) - aka “consumer”
• Wants your information
• OpenID Provider (OP) - aka “ID provider”
• Has your information
![Page 31: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/31.jpg)
User provides identity (URL) to Relying Party
![Page 32: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/32.jpg)
Relying Party performs discovery
![Page 33: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/33.jpg)
Re-directs to OpenID Provider
![Page 34: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/34.jpg)
... with choices
![Page 35: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/35.jpg)
User authenticates
![Page 36: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/36.jpg)
User receives signedauthentication response
![Page 37: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/37.jpg)
Redirected to RP
![Page 38: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/38.jpg)
Relying party verifies this
response
![Page 39: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/39.jpg)
access granted!
![Page 40: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/40.jpg)
what’s the point?
![Page 41: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/41.jpg)
too many usernames &
passwords
![Page 42: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/42.jpg)
single sign-on
![Page 43: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/43.jpg)
![Page 44: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/44.jpg)
![Page 45: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/45.jpg)
![Page 46: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/46.jpg)
![Page 47: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/47.jpg)
registration headaches
![Page 48: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/48.jpg)
real world
![Page 49: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/49.jpg)
![Page 50: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/50.jpg)
photo ID
![Page 51: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/51.jpg)
what is an OpenID identifier?
![Page 52: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/52.jpg)
not an account
![Page 53: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/53.jpg)
URL
![Page 54: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/54.jpg)
globally unique
![Page 55: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/55.jpg)
identifier
![Page 56: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/56.jpg)
![Page 57: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/57.jpg)
... like your passport number
![Page 58: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/58.jpg)
isn’t that a bad idea?
![Page 59: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/59.jpg)
what if someone steals my identity!?
![Page 60: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/60.jpg)
“OpenID is an open, decentralized, free
framework for user-centric digital
identity.”
![Page 61: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/61.jpg)
choice of:OpenID Provider
![Page 62: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/62.jpg)
get a couple!
![Page 63: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/63.jpg)
multiple personas
![Page 64: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/64.jpg)
choice of: authentication
method
![Page 65: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/65.jpg)
![Page 66: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/66.jpg)
choice of:released data
![Page 67: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/67.jpg)
(including not presenting ID)
![Page 68: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/68.jpg)
user decides
![Page 69: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/69.jpg)
where do i get one?
![Page 70: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/70.jpg)
how do i use it?
![Page 71: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/71.jpg)
is it secure?
![Page 72: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/72.jpg)
you don’t give your credentials to
anyone but your OpenID provider
![Page 73: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/73.jpg)
(unlike drupal.module)
![Page 74: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/74.jpg)
what’s next?
![Page 75: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/75.jpg)
OpenID provider
![Page 76: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/76.jpg)
DRUPAL-4-7--2
![Page 77: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/77.jpg)
5 & 6 soon!
![Page 78: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/78.jpg)
in core?
![Page 79: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/79.jpg)
attribute exchange
![Page 80: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/80.jpg)
![Page 81: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/81.jpg)
key-value pairs
![Page 82: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/82.jpg)
keys are URLs
![Page 83: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/83.jpg)
(also globally unique)
![Page 85: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/85.jpg)
not necessarily from your provider
![Page 86: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/86.jpg)
cached by your provider
![Page 87: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/87.jpg)
can be digitally signed by attribute
provider
![Page 88: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/88.jpg)
we can achieve true digital identity
![Page 89: 2007 Barcelona Drupalcon: OpenID](https://reader033.fdocuments.in/reader033/viewer/2022051513/5463a64aaf795992368b45d9/html5/thumbnails/89.jpg)
more questions?