openid - simon willison - media in transition

Post on 24-May-2015

Category:

Technology

DESCRIPTION

OpenID is the game changer for social networks, allowing for portability of the social graph and preferences

TRANSCRIPT

URL based identity with OpenID

Simon Willison, http://simonwillison.net/

Media in Transition, 6th September 2007

The web authentication problem

What username did I use again?

What password did I use again?

The Web needs Single Sign On

?

SSO with a single controlling authority betrays the principles of the Web

OpenID is decentralised

• An open standard, developed in public

• No controlling authority

• No need to ask permission before implementing it

An OpenID is a URL

• http://swillison.livejournal.com/

• http://simonwillison.myopenid.com/

• http://simonwillison.net/

Here’s how it works

The sign-up problem

OpenID’s Simple Registration extension can help users provide name, e-mail, D.O.B...
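
An added example, not taken from the slides: how a relying party asks for Simple Registration fields and then accepts only the returned values that the provider's signature covers. It assumes the conventional `sreg` alias and that `openid.sig` has already been verified elsewhere; the function names and sample response are constructed for illustration.

```python
from urllib.parse import parse_qsl, urlencode

SREG_NS = "http://openid.net/extensions/sreg/1.1"
SREG_FIELDS = {"nickname", "email", "fullname", "dob", "gender",
               "postcode", "country", "language", "timezone"}

def sreg_request_params(required=(), optional=()):
    """Parameters a relying party adds to its OpenID authentication request."""
    unknown = (set(required) | set(optional)) - SREG_FIELDS
    if unknown:
        raise ValueError(f"not Simple Registration fields: {sorted(unknown)}")
    params = {"openid.ns.sreg": SREG_NS}
    if required:
        params["openid.sreg.required"] = ",".join(required)
    if optional:
        params["openid.sreg.optional"] = ",".join(optional)
    return params

def signed_sreg_fields(response_query):
    """Return profile values from a positive assertion, signed fields only.

    Assumption: the caller has already verified openid.sig over the fields
    named in openid.signed. This function only checks signature coverage.
    """
    pairs = parse_qsl(response_query, keep_blank_values=True)
    keys = [k for k, _ in pairs]
    if len(keys) != len(set(keys)):
        raise ValueError("duplicate parameter in OpenID response")
    resp = dict(pairs)
    signed = set(resp.get("openid.signed", "").split(","))
    profile = {}
    for key, value in resp.items():
        name = key.removeprefix("openid.sreg.")
        if name != key and name in SREG_FIELDS and f"sreg.{name}" in signed:
            profile[name] = value
    return profile

# Constructed sample: the e-mail is covered by the signature, the nickname is not.
SAMPLE_RESPONSE = urlencode({
    "openid.mode": "id_res",
    "openid.signed": "identity,return_to,assoc_handle,sreg.email",
    "openid.sreg.email": "user@example.com",
    "openid.sreg.nickname": "admin",
})

if __name__ == "__main__":
    print(sreg_request_params(required=["email"], optional=["fullname", "dob"]))
    print(signed_sreg_fields(SAMPLE_RESPONSE))
```

Values returned this way are still self-asserted by the user at their provider, so an e-mail address obtained through Simple Registration needs the same confirmation step as one typed into a sign-up form.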

The web profile problem

• Each of these pages has a URL

• If the services supported it, each of these URLs can be an OpenID

• This lets me assert ownership of my profile

• I can use OpenID to tie profiles together across multiple sites

The social network problem

• Every site wants to know about my social network

• Re-friending everyone on every site I visit is tedious, and a major barrier to adoption

• The Facebook platform lets me reuse the Facebook social graph - but I have to abide by their rules

OpenID provides the globally unique identifier needed to create a portable social graph

OpenID adoption

[Chart: Total Relying Parties by month, Sep '05 to June '07; vertical axis 0 to 3,500]

What’s in it for you?

• Reduces the overhead for signing up for an account on your service - great for attracting early adopters

• The ability to “prove” ownership of your account is an excellent complement to your service’s Web Service API

• You can learn about a user’s profiles elsewhere on the Web

Some FAQs

• Does this mean I no longer have a database of user accounts?

• How do I know that an OpenID is a real person, and not an evil spammer?

• Isn’t it a bad idea to outsource the security of my users to a third party?

• What are the privacy implications of this?