1 Global Web Strategy & Enablement, ibm.com

OpenIDAn Executive Briefing David Leip, STSM

ibm.com Chief Innovation Dude & Agile Methods AdvocateJanuary 2008

This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

2 Global Web Strategy & Enablement

OpenID is a open decentralized mechanism for SSO (Single Sign-On)

What is OpenID?

3 Global Web Strategy & Enablement

• Users have too many userids (ex. smith, jsmith, johnsmith, john@smith.com, smith@acme-corp.com)

• Users have too many passwords

• Don’t trust many sites with my login

• Users profile is likely distributed across the web.

Why OpenID for users?

4 Global Web Strategy & Enablement

• http://Leip.livejournal.com/

• http://openid.aol.com/Leip

• http://Leip.openid.com/

• http://Leip.ca/

What’s an OpenID look like?

5 Global Web Strategy & Enablement

How Does it Work?

Acme.com

David Leip

1. David asks to log in to acme.com by giving his OpenID ex: http://leip.myopenid.com/

6 Global Web Strategy & Enablement

How Does it Work?

Acme.com

David Leip

myopenid.com

2. Acme.com asks the OpenID provider (myopenid.com) to confirm that this visitor is David (the owner of this OpenID.)

7 Global Web Strategy & Enablement

How Does it Work?

Acme.com

David Leip

myopenid.com

3. The OpenID provider (myopenid.com) will likely have some form of exchange with the visitor (or David), typically asking asking for a id/password, or a certificate.

8 Global Web Strategy & Enablement

How Does it Work?

Acme.com

David Leip

myopenid.com

4. The OpenID provider confirms that they are satisfied, that the visitor is David.

9 Global Web Strategy & Enablement

• More and more customers are looking for it

• Gaining lots of momentum.• Thousands of sites

• AOL, Some Google properties, now Yahoo!

• OpenID 2.0 includes the ability to carry profile data.

• Could reduce our vulnerability to identity theft attacks, as we don’t need to store as much.

• Great mechanism for maintaining employee ACLs in outsourcing situations (Ex. An OpenID from a your company could authenticate a person to a HR benefits site run by a third party.)

Why should we care?

10 Global Web Strategy & Enablement

Further Information

• David Leip http://www.Leip.ca

This work is licensed under the Creative Commons Attribution-ShareAlike 3.0 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.