openid intro @ barcamp brussels 3
DESCRIPTION
I gave a talk about OpenID at Barcamp Brussels 3, may 2007TRANSCRIPT
![Page 1: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/1.jpg)
OpenID Intro“Identity 2.0 - Forget your passwords”
![Page 2: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/2.jpg)
~/ $ who am i
• Frank Louwers - [email protected]
• Partner in Openminds & Metatale
• http://frank.be
• Openminds offers high-quality, high-performance Internetsolutions
• Openminds launched the first Belgian OpenID identity server
![Page 3: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/3.jpg)
Quick Poll?
![Page 4: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/4.jpg)
Quick Poll?
• Who uses same username / password for every new account?
![Page 5: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/5.jpg)
Quick Poll?
• Who uses same username / password for every new account?
• Who loses usernames / passwords for some sites?
![Page 6: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/6.jpg)
Quick Poll?
• Who uses same username / password for every new account?
• Who loses usernames / passwords for some sites?
• Who has a blog?
![Page 7: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/7.jpg)
Quick Poll?
• Who uses same username / password for every new account?
• Who loses usernames / passwords for some sites?
• Who has a blog?
• Who has OpenID? (Wordpress.com, AOL, Typepad, Yahoo!, ...)
![Page 8: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/8.jpg)
Passwords, usernames, and amnesia
![Page 9: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/9.jpg)
Morning workflow
• Read Mail
• Read RSS feeds
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki
![Page 10: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/10.jpg)
Morning workflow
• Read Mail
• Read RSS feeds
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki
needs login
![Page 11: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/11.jpg)
Morning workflow
• Read Mail
• Read RSS feeds
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki
needs login
needs login
![Page 12: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/12.jpg)
Morning workflow
• Read Mail
• Read RSS feeds
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki
needs login
needs login
needs login
![Page 13: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/13.jpg)
Morning workflow
• Read Mail
• Read RSS feeds
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki
needs login
needs login
needs login
needs login
![Page 14: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/14.jpg)
Morning workflow
• Read Mail
• Read RSS feeds
• Use company Intranet / wiki
• Write blogpost
• Comment on other blogs / wiki
needs login
needs login
needs login
needs login
needs login
![Page 15: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/15.jpg)
Even worse ...
http://www.monuments.nu/monuments/2007/05/pure_annoyance.html
![Page 16: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/16.jpg)
Our best friend ...
![Page 17: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/17.jpg)
Not only do we need to remember the password
We also need to rember the (random) username!
![Page 18: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/18.jpg)
Solutions
![Page 19: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/19.jpg)
Lazy solution
• Same password everywhere
• Not safe
• One site compromised, all sites compromised
• When your mail-address changes, accounts lost?
![Page 20: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/20.jpg)
Solution: Single Sign On
• Previous attempts: Microsoft Passport.net
• Centralised (not everyone trusts MS)
• Expensive to integrate
• Not extendable
![Page 21: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/21.jpg)
OpenID: KISS
• De-centralised
• Open Standards based
• easy, lightweight protocol
• providing Single Sign On
• Based on proven standards (dns and urls)
• A blog identifies a person
![Page 22: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/22.jpg)
De-centralised
• You choose one of the many OpenID i-providers (http://openid.openminds.be)
• You choose who you trust and why
• Even set-up your own OpenID server if you want
• It’s the only place where your credentials are stored
![Page 23: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/23.jpg)
A life without passwords
How does it look like?
![Page 24: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/24.jpg)
Login to OpenID sites
• Enter your OpenID identifier url as “username”
• Site contacts your OpenID Server (based on url)
• OpenID Server checks if you are logged in
• OpenID Server passes token to site
![Page 25: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/25.jpg)
![Page 26: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/26.jpg)
Only the first time I login to an OpenID site that day.Next time, only a confirmation is needed.
![Page 27: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/27.jpg)
What data should be transfered to the site?
![Page 28: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/28.jpg)
Wikitravel doesn’t have a local account for this OpenID. Suggests me to create one. This happens only the first
time. It binds my OpenID (openid.openminds.be/frank) to this new account.
![Page 29: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/29.jpg)
Blog url as OpenID
• My OpenID: openid.openminds.be/frank
• My blog: frank.be
• Solution? Simple HTML tags!
![Page 30: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/30.jpg)
Add html headers tags
No other plugins or code needed on your blog!
![Page 31: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/31.jpg)
Who is using it?
![Page 32: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/32.jpg)
Who’s in the game?
![Page 33: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/33.jpg)
Plugins available for:
• Blog software (Wordpress, MT, Mephisto, ...)
• Wiki software (MediaWiki, DokuWiki, ...)
• Almost all Web frameworks (Drupal, Ruby on Rails, Joomla, Django, ...)
![Page 34: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/34.jpg)
Add OpenID to your project
• Lower barrier (users don’t need to create an account) eg: http://iusethis.com
• Simplifies account setup
• Specific hacks
• AIM integration
• Company Intranets or wiki’s and Company OpenID
![Page 35: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/35.jpg)
Problems?
• Google isn’t in, and won’t be in soon
• Login is slower (browser redirects ...)
• Vulnerable to Phishing
• risk actually less than with username / password logins
• can be fixed with plugins (and FF3)
![Page 36: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/36.jpg)
Future versions
• Exchange of more attributes
• Gravatars?
• Address (eg for shipping)
• Language / timezone settings
• Verified email address or not
• Security enhancements
![Page 42: OpenID Intro @ Barcamp Brussels 3](https://reader035.vdocuments.net/reader035/viewer/2022062617/54c8c5924a79591e078b459d/html5/thumbnails/42.jpg)
Links
• http://openid.openminds.be (still beta)
• http://myopenid.com
• http://openid.net
• http://janrain.com/openid
• http://openiddirectory.com