openid: an executive briefing
TRANSCRIPT
1 Global Web Strategy & Enablement, ibm.com
OpenIDAn Executive Briefing David Leip, STSM
ibm.com Chief Innovation Dude & Agile Methods AdvocateJanuary 2008
This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.
2 Global Web Strategy & Enablement
OpenID is a open decentralized mechanism for SSO (Single Sign-On)
What is OpenID?
3 Global Web Strategy & Enablement
• Users have too many userids (ex. smith, jsmith, johnsmith, [email protected], [email protected])
• Users have too many passwords
• Don’t trust many sites with my login
• Users profile is likely distributed across the web.
Why OpenID for users?
4 Global Web Strategy & Enablement
• http://Leip.livejournal.com/
• http://openid.aol.com/Leip
• http://Leip.openid.com/
• http://Leip.ca/
What’s an OpenID look like?
5 Global Web Strategy & Enablement
How Does it Work?
Acme.com
David Leip
1. David asks to log in to acme.com by giving his OpenID ex: http://leip.myopenid.com/
6 Global Web Strategy & Enablement
How Does it Work?
Acme.com
David Leip
myopenid.com
2. Acme.com asks the OpenID provider (myopenid.com) to confirm that this visitor is David (the owner of this OpenID.)
7 Global Web Strategy & Enablement
How Does it Work?
Acme.com
David Leip
myopenid.com
3. The OpenID provider (myopenid.com) will likely have some form of exchange with the visitor (or David), typically asking asking for a id/password, or a certificate.
8 Global Web Strategy & Enablement
How Does it Work?
Acme.com
David Leip
myopenid.com
4. The OpenID provider confirms that they are satisfied, that the visitor is David.
9 Global Web Strategy & Enablement
• More and more customers are looking for it
• Gaining lots of momentum.• Thousands of sites
• AOL, Some Google properties, now Yahoo!
• OpenID 2.0 includes the ability to carry profile data.
• Could reduce our vulnerability to identity theft attacks, as we don’t need to store as much.
• Great mechanism for maintaining employee ACLs in outsourcing situations (Ex. An OpenID from a your company could authenticate a person to a HR benefits site run by a third party.)
Why should we care?
10 Global Web Strategy & Enablement
Further Information
• David Leip http://www.Leip.ca
This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.