IIW #13 report at idcon #10

IIW #13, 18-21 OCT 2011

J.MP/IIW13

OAUTH 2.0 • Service Chaining With Oauth Bearer Tokens •
Federated Authorization w/ OAuth2 • OAuth Web Authentication Where the Protocol is and What’s Next • Identity Layer 4 OAuth 2 and Multi-Protocol Support Discussion

FEDERATED AUTHORIZATION W/ OAUTH2 Client Resource Server Federated AuthZ Server
Auth Grant JWT Token JWT as Bearer Validate JWT (OPTIONAL) Resource

OAUTH WEB AUTHENTICATION WHAT’S NEXT • OAuth 2.0 RFC expected
in Nov 2011 • Identity layer in OAuth not in OpenID Connect? • OAuth WG Rechartering [OAuth WG] JWT, SWD, OAuth Assertions, OAuth SAML proﬁle, Token Revocation, OAuth JWT proﬁle [JOSE WG] JWS, JTE, JWK

JOSE WG OAuth WG

• OpenID Connect Intro • OpenID Connect Spec Work Client
Registration • OpenID Connect Spec Work Session • OpenID Connect Editing Session • OpenID Connect Flows and Levels of Assurance • Smart OpenID Connect Chip to Cloud via OpenID Connect OPENID CONNECT

• OpenID Connect Intro • OpenID Connect Spec Work Client
Registration • OpenID Connect Spec Work Session • OpenID Connect Editing Session • OpenID Connect Flows and Levels of Assurance • Smart OpenID Connect Chip to Cloud via OpenID Connect OPENID CONNECT MAINLY SPEC WORKS, BUT LOTS OF MENTIONS AROUND

OPENID WORKSHOP • 10/17 at AOL (the day before IIW#13
started) • Interop Review • @ritou, @nov, NRI US (Edmund) • Discussion about Implementers Dra3 • Open Issues Review

MONETIZING STREET IDENTITY & MOBILE AUTHENTICATION ‘LMNOP’ $1.00 verify http://j.mp/street_identity
veriﬁed address $x.xx RPs veriﬁed address

OPEN TRANSACT

• 1st F2F meet-up w/ @pelleb & @tomwiththeweath • Spec
Updates • 1st formal-ish document (opentransact.org/core) • OAuth 2.0 based (will be OpenID Connect based) • Receipt format, Discovery etc.

• OAuth 2.0 spec is going to next phase •
More extensions, federation, service-chaining etc. • OpenID Connect is hot • Implementers Dra3 coming soon.. • Open Identity Attribute Exchange Summit (11/09-10 in Washington, D.C.)

OPEN TRANSACT [HOMEWORK] MAKE THIS OPENID CONNECT BASED

IIW #13 report at idcon #10

IIW #13 report at idcon #10

Nov Matake

More Decks by Nov Matake

Other Decks in Technology

Featured

Transcript

@nov

IIW #13, 18-21 OCT 2011

J.MP/IIW13

OAUTH 2.0 • Service Chaining With Oauth Bearer Tokens •

FEDERATED AUTHORIZATION W/ OAUTH2 Client Resource Server Federated AuthZ Server

FEDERATED AUTHORIZATION W/ OAUTH2 Client Resource Server Federated AuthZ Server

OAUTH WEB AUTHENTICATION WHAT’S NEXT • OAuth 2.0 RFC expected

JOSE WG OAuth WG

• OpenID Connect Intro • OpenID Connect Spec Work Client

• OpenID Connect Intro • OpenID Connect Spec Work Client

OPENID WORKSHOP • 10/17 at AOL (the day before IIW#13

MONETIZING STREET IDENTITY & MOBILE AUTHENTICATION ‘LMNOP’ $1.00 verify http://j.mp/street_identity

OPEN TRANSACT

• 1st F2F meet-up w/ @pelleb & @tomwiththeweath • Spec

• OAuth 2.0 spec is going to next phase •

OPEN TRANSACT [HOMEWORK] MAKE THIS OPENID CONNECT BASED