brad fitzpatrick brad@danga com six apart ltd livejournal danga august 2005 l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Brad Fitzpatrick brad@danga Six Apart, Ltd. / LiveJournal / Danga August 2005 PowerPoint Presentation
Download Presentation
Brad Fitzpatrick brad@danga Six Apart, Ltd. / LiveJournal / Danga August 2005

Loading in 2 Seconds...

play fullscreen
1 / 9

Brad Fitzpatrick brad@danga Six Apart, Ltd. / LiveJournal / Danga August 2005 - PowerPoint PPT Presentation


  • 203 Views
  • Uploaded on

Brad Fitzpatrick brad@danga.com Six Apart, Ltd. / LiveJournal / Danga August 2005. What is OpenID?. an identity system all the rage lately a protocol gratis, libre not a service or company not Passport not TypeKey not Sxip survives if companies turn evil or go out of business. Why?.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Brad Fitzpatrick brad@danga Six Apart, Ltd. / LiveJournal / Danga August 2005' - Samuel


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
brad fitzpatrick brad@danga com six apart ltd livejournal danga august 2005
Brad Fitzpatrick

brad@danga.com

Six Apart, Ltd. / LiveJournal / Danga

August 2005

what is openid
What is OpenID?
  • an identity system
    • all the rage lately
  • a protocol
    • gratis, libre
  • not a service or company
    • not Passport
    • not TypeKey
    • not Sxip
  • survives if companies turn evil or go out of business
slide3
Why?

lame

  • no authentication way too common
  • comment spam
  • auth interop
    • LiveJournal
    • TypePad
    • Movable Type
    • DeadJournal, WordPress, TextPattern, .....
design goals
Design Goals
  • low barrier to entry
    • works with static HTML pages
    • no registration (no central server)
    • understandable identity (a URL)
      • no new namespace
      • no public keys (key revocation, etc...)
    • no SSL required
    • no browser plugins
  • most simple protocol possible
    • other needs layered atop
what openid isn t
What OpenID isn't...
  • a trust system
    • need identity before you can have trust
  • a solution for all identity problems
  • perfectly secure
    • DNS spoofing
    • man-in-the-middle
      • between some parts
how s it work
How's it work?
  • proves “who” you are
    • one-time assertions w/ digital signature
    • see openid.net for specs
  • not that you're a good person
    • spammers can/will/have setup OpenID servers
    • better than state of email today
    • Trust/reputation providers on their way
      • 5+ companies working on this
      • TrustRank
chicken egg
Chicken / Egg
  • LiveJournal / TypePad / Movable Type
    • all support OpenID server
    • OpenID consumer in LJ/MT
      • TypePad soon enough
  • TypeKey
    • still speaks TypeKey. also speaks OpenID
    • an OpenID provider for people without their own
  • 10M+ OpenID users who don't know it
    • already: DeadJ/GreatestJ/LiveJ interop
why urls as identity
Why URLs as identity?
  • already the convention
    • Comment by Matt at 7:23pm
    • mouseover to see which Matt
  • users don't understand public keys
  • users don't understand namespaces
  • users do understand URLs
    • 10+ years of billboards and TV commercials
  • you can click them
    • tangible
why should you use openid
Why should you use OpenID?
  • interop with others using OpenID
    • your users can mark external users leaving comments as “trusted” or “friends”
    • your users can bring their identity to other sites, thus advertising your service
  • not theoretical, already in use
  • can support OpenID + _______ in future
    • no reason to only support OpenID
  • free
  • open libraries for most languages