openid connect - terena · 2012-02-08 · mail:&[email protected] notary:&google.& o !...
TRANSCRIPT
![Page 1: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/1.jpg)
OpenID Connect
Presentation by Roland Hedberg at the 20th TF-EMC2 meeting
onsdag 8 februari 12
![Page 2: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/2.jpg)
Name: Alice de WonderlandMail: [email protected]: Google.
Official Google Seal
株式会
社グー
グル印
Name: Alice de WonderlandMail: [email protected]: Google.
Fig.1 OpenID Authen@ca@on
1. Who are you. Get me a referral leBer. Do not forget about Your email!
2. Plz write me a referral leBer。
3. Here you are
Alice
4. Here is the cer@ficate.
notary
Eve
Official Google Seal
onsdag 8 februari 12
![Page 3: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/3.jpg)
1. Who are YOU? Give me a valet key to your house. Then I will trust that you are the owner of the house.
2. Can you give me a valet key to my house?
3. Here you are!
Alice
4. Her is the key!
Fig.2 Pseudo-‐Authen@ca@on using OAuth
Apartment Controller
Eve
onsdag 8 februari 12
![Page 4: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/4.jpg)
Fig.3 OpenID Connect Authen;ca;on
1. Who are you. Get me a referral leBer. Do not forget about Your email!
2. Give Eve the locker Key and a referral leBer.
3. Here you are!
Alice
4. Here you are
Date:2011/5/15 11:00:04
Level of Assurance:2
Verifier:Google
Official Google Seal
Butler
Locker Locker
Eve
Date:2011/5/15 11:00:04
Level of Assurance:2
Verifier:Google
Official Google Seal
onsdag 8 februari 12
![Page 5: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/5.jpg)
Fig.4 OpenID Connect's Clams aggrega@on and distributed claims.
Name: Alice de WanderlandDoB: 1989/3/3Sex: FAddress: 135 Broadway., NY, NY
NY City Official Seal
Locker
UserInfo Endpoint
Site X
Site YSite Z
Eve
onsdag 8 februari 12
![Page 6: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/6.jpg)
Document Structure
onsdag 8 februari 12
![Page 7: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/7.jpg)
Standardization statusOAuth2 soon to be in IETF last ca" - again
JWS/JWE/JWK in IETF JOSE wg
JWT and SWD homeless
onsdag 8 februari 12
![Page 8: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/8.jpg)
Implementation statusImplementations in Java, Ruby, Pyton, (PHP)
Interop tests ungoing
interop event at the upcoming RSA conference
Andreas and mine conformance test web service in progress
onsdag 8 februari 12
![Page 9: OpenID Connect - TERENA · 2012-02-08 · Mail:&alice@example.com Notary:&Google.& O ! cial gle l ... Implementations in Java, Ruby, Pyton, (PHP) Interop tests ungoing interop event](https://reader033.vdocuments.mx/reader033/viewer/2022043017/5f39f1cd60f23e3b9e0db5f5/html5/thumbnails/9.jpg)
onsdag 8 februari 12