SlideShare ist ein Scribd-Unternehmen logo

OpenID & OAuth for the Consumer Web Workshop, Part 1 of 3

Chris Messina
Chris Messina

This is the first 1/3 of a workshop I gave with Eric Sachs and David Primmer of Google at the Cloud Identity Summit. http://www.cloudidentitysummit.com/

Technologie
1 von 133
Downloaden Sie, um offline zu lesen
OpenID & OAuth for the Consumer Web Chris Messina David Primmer Eric Sachs Ping Cloud Identity Summit Keystone, CO July 20, 2010
Agenda • The Value • The Technology • The Future • Breakouts
Agenda • The Value • The Technology • The Future • Breakouts
The Value
What
chris.messina@gmail.com ••••••••••
Why support third party auth? (Answers that relying parties should care about!) • Who do you want to be, in this context? • Who do you want to hang out with (in this context)? • How can we be instantly relevant and meet your needs with minimal effort? • What kind of handles and scaffolding can we provide to make it easier to create social interaction? 22
Why
Plaxo’s 92% Success Story
Spot the problem?
Second Brain
Evil Bad Brain
Plaxo’s 92% success story • specially-crafted email to Gmail users • Gmail users likely to have Google profile & address book • one-click sign up and address book import • also requests name, verified email address
Plaxo’s 92% success story • Better for the user: higher success rate with no password anti- pattern • Better for the provider: Happy users and no automated data scraping • Better for the site: Higher conversion rate; more informed social graph
+ + Portable Contacts
Photo by Teresa Stanton
Unique OpenID Relying Parties As of July 1, 2009 50,000 40,000 30,000 20,000 10,000 0 5 06 06 06 6 07 07 07 7 08 08 08 8 09 09 /0 /0 /0 /0 1/ 4/ 7/ 1/ 4/ 7/ 1/ 4/ 7/ 1/ 7/ 10 10 10 Data from Janrain 10
1 Billion+ OpenIDs
Janrain
OpenID usage trends (Janrain) OpenID Providers on UserVoice 34% 33% 10% 15% 8% Google Facebook Yahoo! Other Twitter Data from Janrain, May 2010
OpenID usage trends (Janrain) OpenID Providers on Interscope Records 8% 12% 12% 52% 6% 10% Google Facebook Yahoo! Other Twitter MySpace Data from Janrain, May 2010
OpenID usage trends (Janrain) OpenID Providers on sulit.com.ph 10% 24% 1% 64% Google Facebook Yahoo! Other Chart from Janrain, January 2009
OpenID usage trends (Janrain) Sign in preferences across all properties 23.5% Google 38.8% Facebook Yahoo! Other (MySpace, Windows Live, AOL, etc) 13.0% Twitter 5.8% 18.9% Data from Janrain, May 2010
Gigya
Third-party authentication usage trends (Gigya) Sign in preferences across all Gigya properties Source: Gigya, June 2010
Third-party authentication usage trends (Gigya) Sign in preferences across entertainment sites Source: Gigya, June 2010
Third-party authentication usage trends (Gigya) Sign in preferences across news sites Source: Gigya, June 2010
Third-party authentication usage trends (Gigya) Sign in preferences across B2B sites Source: Gigya, June 2010
Echo
Source: Echo, March 2010
What does this tell us? 54
What does this tell us? • People use different identities for different purposes 54
What does this tell us? • People use different identities for different purposes • Ultimately choice and competition is a good thing to foster in this early landscape 54
What does this tell us? • People use different identities for different purposes • Ultimately choice and competition is a good thing to foster in this early landscape • Digital identity is in its infancy; it’s too early to pick the winners 54
What does this tell us? Basecamp Lady Gaga
+
Totals Janrain OAuth 32% OpenID 48%+ Gigya OAuth 62% OpenID 38% Echo OAuth 35% OpenID 64%
It’s inevitable
conversion, convenience, costs
service
How
NASCAR
Photo by larry wfu
Photo by Vaguely Artistic
XAuth
WebFinger
WebFinger
The Hammer Stack Discovery for the open web
How WebFinger works Enter email: Email Lookup
How WebFinger works Enter email: chris.messina@gmail.com Lookup
How WebFinger works Enter email: chris.messina@gmail.com Lookup
How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com
How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com { domain
How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com { domain
How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
How WebFinger works Server returns LRDD document <?xml version='1.0' encoding='UTF-8'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'      xmlns:hm='http://host-meta.net/xrd/1.0'>   <hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com</hm:Host>   <Link rel='lrdd'         template='http://www.google.com/s2/webfinger/?q={uri}'>     <Title>Resource Descriptor</Title>   </Link> </XRD>
How WebFinger works Server returns LRDD document <?xml version='1.0' encoding='UTF-8'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'      xmlns:hm='http://host-meta.net/xrd/1.0'>   <hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com</hm:Host>   <Link rel='lrdd'         template='http://www.google.com/s2/webfinger/?q={uri}'>     <Title>Resource Descriptor</Title>   </Link> </XRD>
How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri}
How WebFinger works Plugin acct: into URI Template chris.messina@gmail.com http://www.google.com/s2/webfinger/?q={uri}
How WebFinger works Plugin acct: into URI Template acct:chris.messina@gmail.com http://www.google.com/s2/webfinger/?q={uri}
How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri} acct:chris.messina@gmail.com
How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri} acct:chris.messina@gmail.com
How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
Putting it together Making OpenID easier using an email address Enter email: Email Connect Lookup
Putting it together Making OpenID easier using an email address Enter email: Email Connect
Putting it together Making OpenID easier using an email address Enter email: chris.messina@gmail.com Connect
Putting it together Making OpenID easier using an email address Enter email: chris.messina@gmail.com Connect
Putting it together Making OpenID easier using an email address Signed in as: Chris Messina 
Putting it together Making OpenID easier using an email address Signed in as: Chris Messina 
Connect
The anatomy of connect ...according to David Recordon 95 Source O’Reilly Radar.
The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) 95 Source O’Reilly Radar.
The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) 95 Source O’Reilly Radar.
The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) 95 Source O’Reilly Radar.
The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) • Activity (poked, bought, shared, blogged) 95 Source O’Reilly Radar.
The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) • Activity (poked, bought, shared, blogged) • Goal: Discovery of new people and content 95 Source O’Reilly Radar.
Connect
Agenda • The Value • The Technology • The Future • Breakouts

Empfohlen

Socialism, Activity Streams, & Federating The Social Web
Socialism, Activity Streams, & Federating The Social WebSocialism, Activity Streams, & Federating The Social Web
Socialism, Activity Streams, & Federating The Social Web
Chris Messina
 
Socialism and the Industrial Revolution
Socialism and the Industrial RevolutionSocialism and the Industrial Revolution
Socialism and the Industrial Revolution
jbdrury
 
Three things I've learned about Healthcare Social Media
Three things I've learned about Healthcare Social MediaThree things I've learned about Healthcare Social Media
Three things I've learned about Healthcare Social Media
Ed Bennett
 
App tracker file
App tracker fileApp tracker file
App tracker file
saranya3123
 
The Scandinavian mobile app market
The Scandinavian mobile app marketThe Scandinavian mobile app market
The Scandinavian mobile app market
Espen Riskedal
 
Ad Mob Mobile Metrics Mar 10 Publisher Survey
Ad Mob Mobile Metrics Mar 10 Publisher SurveyAd Mob Mobile Metrics Mar 10 Publisher Survey
Ad Mob Mobile Metrics Mar 10 Publisher Survey
Anna
 
Quick hits 020613 Europe
Quick hits 020613 EuropeQuick hits 020613 Europe
Quick hits 020613 Europe
Joe Morgan
 
2010 Social Networking Report
2010 Social Networking Report2010 Social Networking Report
2010 Social Networking Report
Tom Blefko
 

Empfohlen

Socialism, Activity Streams, & Federating The Social Web
Socialism, Activity Streams, & Federating The Social WebSocialism, Activity Streams, & Federating The Social Web
Socialism, Activity Streams, & Federating The Social Web
Chris Messina
 
Socialism and the Industrial Revolution
Socialism and the Industrial RevolutionSocialism and the Industrial Revolution
Socialism and the Industrial Revolution
jbdrury
 
Three things I've learned about Healthcare Social Media
Three things I've learned about Healthcare Social MediaThree things I've learned about Healthcare Social Media
Three things I've learned about Healthcare Social Media
Ed Bennett
 
App tracker file
App tracker fileApp tracker file
App tracker file
saranya3123
 
The Scandinavian mobile app market
The Scandinavian mobile app marketThe Scandinavian mobile app market
The Scandinavian mobile app market
Espen Riskedal
 
Ad Mob Mobile Metrics Mar 10 Publisher Survey
Ad Mob Mobile Metrics Mar 10 Publisher SurveyAd Mob Mobile Metrics Mar 10 Publisher Survey
Ad Mob Mobile Metrics Mar 10 Publisher Survey
Anna
 
Quick hits 020613 Europe
Quick hits 020613 EuropeQuick hits 020613 Europe
Quick hits 020613 Europe
Joe Morgan
 
2010 Social Networking Report
2010 Social Networking Report2010 Social Networking Report
2010 Social Networking Report
Tom Blefko
 
24.com Blogging Workshop
24.com Blogging Workshop24.com Blogging Workshop
24.com Blogging Workshop
Justin Hartman
 
Tweet!tweet!
Tweet!tweet!Tweet!tweet!
Tweet!tweet!
Richard Harrington
 
"Open CRM" - Tom Schuster
"Open CRM" - Tom Schuster"Open CRM" - Tom Schuster
"Open CRM" - Tom Schuster
Outdare
 
Nanomaterials 2010
Nanomaterials 2010Nanomaterials 2010
Nanomaterials 2010
Tim Harper
 
Multiple Species Grazing in Oklahoma
Multiple Species Grazing in OklahomaMultiple Species Grazing in Oklahoma
Multiple Species Grazing in Oklahoma
Kerr Center for Sustainable Agriculture
 
Engaging interaction part two
Engaging interaction part twoEngaging interaction part two
Engaging interaction part two
carolinestallings
 
Twitter en EE.UU 2010
Twitter en EE.UU 2010Twitter en EE.UU 2010
Twitter en EE.UU 2010
Esther Vargas
 
Twitter usage in_america_2010
Twitter usage in_america_2010Twitter usage in_america_2010
Twitter usage in_america_2010
Jack Noble
 
Twitter usage in america 2010
Twitter usage in america 2010Twitter usage in america 2010
Twitter usage in america 2010
Mitya Voskresensky
 
Uber Developer Platform Overview for Apigee Webcast
Uber Developer Platform Overview for Apigee WebcastUber Developer Platform Overview for Apigee Webcast
Uber Developer Platform Overview for Apigee Webcast
Chris Messina
 
Joining the conversation
Joining the conversationJoining the conversation
Joining the conversation
Chris Messina
 
Joining the Conversation
Joining the ConversationJoining the Conversation
Joining the Conversation
Chris Messina
 
Future of the Social Web and How to Stop It
Future of the Social Web and How to Stop ItFuture of the Social Web and How to Stop It
Future of the Social Web and How to Stop It
Chris Messina
 
SWAT0 (variant flow)
SWAT0 (variant flow)SWAT0 (variant flow)
SWAT0 (variant flow)
Chris Messina
 
Google & the open, social web
Google & the open, social webGoogle & the open, social web
Google & the open, social web
Chris Messina
 
Activity Streams, Socialism, & the Future of Open Source
Activity Streams, Socialism, & the Future of Open SourceActivity Streams, Socialism, & the Future of Open Source
Activity Streams, Socialism, & the Future of Open Source
Chris Messina
 
The Open and Social Web
The Open and Social WebThe Open and Social Web
The Open and Social Web
Chris Messina
 
The Future of the Social Web and How to Stop It
The Future of the Social Web and How to Stop ItThe Future of the Social Web and How to Stop It
The Future of the Social Web and How to Stop It
Chris Messina
 
Google and the Social Web (Mexico City Dev Fest 2010)
Google and the Social Web (Mexico City Dev Fest 2010)Google and the Social Web (Mexico City Dev Fest 2010)
Google and the Social Web (Mexico City Dev Fest 2010)
Chris Messina
 
ActivityStrea.ms: Is It Getting Streamy In Here?
ActivityStrea.ms: Is It Getting Streamy In Here?ActivityStrea.ms: Is It Getting Streamy In Here?
ActivityStrea.ms: Is It Getting Streamy In Here?
Chris Messina
 
Identity is the platform (Netflix)
Identity is the platform (Netflix)Identity is the platform (Netflix)
Identity is the platform (Netflix)
Chris Messina
 
Identity is the platform (Toronto)
Identity is the platform (Toronto)Identity is the platform (Toronto)
Identity is the platform (Toronto)
Chris Messina
 

Weitere ähnliche Inhalte

Ähnlich wie OpenID & OAuth for the Consumer Web Workshop, Part 1 of 3

Engaging interaction part two
Engaging interaction part twoEngaging interaction part two
Engaging interaction part two
carolinestallings
 
Twitter usage in_america_2010
Twitter usage in_america_2010Twitter usage in_america_2010
Twitter usage in_america_2010
Jack Noble
 

Ähnlich wie OpenID & OAuth for the Consumer Web Workshop, Part 1 of 3 (9)

24.com Blogging Workshop
24.com Blogging Workshop24.com Blogging Workshop
24.com Blogging Workshop
 
Tweet!tweet!
Tweet!tweet!Tweet!tweet!
Tweet!tweet!
 
"Open CRM" - Tom Schuster
"Open CRM" - Tom Schuster"Open CRM" - Tom Schuster
"Open CRM" - Tom Schuster
 
Nanomaterials 2010
Nanomaterials 2010Nanomaterials 2010
Nanomaterials 2010
 
Multiple Species Grazing in Oklahoma
Multiple Species Grazing in OklahomaMultiple Species Grazing in Oklahoma
Multiple Species Grazing in Oklahoma
 
Engaging interaction part two
Engaging interaction part twoEngaging interaction part two
Engaging interaction part two
 
Twitter en EE.UU 2010
Twitter en EE.UU 2010Twitter en EE.UU 2010
Twitter en EE.UU 2010
 
Twitter usage in_america_2010
Twitter usage in_america_2010Twitter usage in_america_2010
Twitter usage in_america_2010
 
Twitter usage in america 2010
Twitter usage in america 2010Twitter usage in america 2010
Twitter usage in america 2010
 

Mehr von Chris Messina

Joining the conversation
Joining the conversationJoining the conversation
Joining the conversation
Chris Messina
 
Joining the Conversation
Joining the ConversationJoining the Conversation
Joining the Conversation
Chris Messina
 
SWAT0 (variant flow)
SWAT0 (variant flow)SWAT0 (variant flow)
SWAT0 (variant flow)
Chris Messina
 
Identity is the platform (Toronto)
Identity is the platform (Toronto)Identity is the platform (Toronto)
Identity is the platform (Toronto)
Chris Messina
 
Openness In The Era Of Social Web
Openness In The Era Of Social WebOpenness In The Era Of Social Web
Openness In The Era Of Social Web
Chris Messina
 
The Open, Social Web (N2Y4)
The Open, Social Web (N2Y4)The Open, Social Web (N2Y4)
The Open, Social Web (N2Y4)
Chris Messina
 
New Assumptions for Designing for the Social Web
New Assumptions for Designing for the Social WebNew Assumptions for Designing for the Social Web
New Assumptions for Designing for the Social Web
Chris Messina
 

Mehr von Chris Messina (20)

Uber Developer Platform Overview for Apigee Webcast
Uber Developer Platform Overview for Apigee WebcastUber Developer Platform Overview for Apigee Webcast
Uber Developer Platform Overview for Apigee Webcast
 
Joining the conversation
Joining the conversationJoining the conversation
Joining the conversation
 
Joining the Conversation
Joining the ConversationJoining the Conversation
Joining the Conversation
 
Future of the Social Web and How to Stop It
Future of the Social Web and How to Stop ItFuture of the Social Web and How to Stop It
Future of the Social Web and How to Stop It
 
SWAT0 (variant flow)
SWAT0 (variant flow)SWAT0 (variant flow)
SWAT0 (variant flow)
 
Google & the open, social web
Google & the open, social webGoogle & the open, social web
Google & the open, social web
 
Activity Streams, Socialism, & the Future of Open Source
Activity Streams, Socialism, & the Future of Open SourceActivity Streams, Socialism, & the Future of Open Source
Activity Streams, Socialism, & the Future of Open Source
 
The Open and Social Web
The Open and Social WebThe Open and Social Web
The Open and Social Web
 
The Future of the Social Web and How to Stop It
The Future of the Social Web and How to Stop ItThe Future of the Social Web and How to Stop It
The Future of the Social Web and How to Stop It
 
Google and the Social Web (Mexico City Dev Fest 2010)
Google and the Social Web (Mexico City Dev Fest 2010)Google and the Social Web (Mexico City Dev Fest 2010)
Google and the Social Web (Mexico City Dev Fest 2010)
 
ActivityStrea.ms: Is It Getting Streamy In Here?
ActivityStrea.ms: Is It Getting Streamy In Here?ActivityStrea.ms: Is It Getting Streamy In Here?
ActivityStrea.ms: Is It Getting Streamy In Here?
 
Identity is the platform (Netflix)
Identity is the platform (Netflix)Identity is the platform (Netflix)
Identity is the platform (Netflix)
 
Identity is the platform (Toronto)
Identity is the platform (Toronto)Identity is the platform (Toronto)
Identity is the platform (Toronto)
 
Identity is the Platform (Russian variant)
Identity is the Platform (Russian variant)Identity is the Platform (Russian variant)
Identity is the Platform (Russian variant)
 
Identity is the Platform
Identity is the PlatformIdentity is the Platform
Identity is the Platform
 
The Open, Social Web Workshop
The Open, Social Web WorkshopThe Open, Social Web Workshop
The Open, Social Web Workshop
 
Social Network Supermarkets and How to Defeat Them
Social Network Supermarkets and How to Defeat ThemSocial Network Supermarkets and How to Defeat Them
Social Network Supermarkets and How to Defeat Them
 
Openness In The Era Of Social Web
Openness In The Era Of Social WebOpenness In The Era Of Social Web
Openness In The Era Of Social Web
 
The Open, Social Web (N2Y4)
The Open, Social Web (N2Y4)The Open, Social Web (N2Y4)
The Open, Social Web (N2Y4)
 
New Assumptions for Designing for the Social Web
New Assumptions for Designing for the Social WebNew Assumptions for Designing for the Social Web
New Assumptions for Designing for the Social Web
 

Kürzlich hochgeladen

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 

Kürzlich hochgeladen (20)

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

OpenID & OAuth for the Consumer Web Workshop, Part 1 of 3

  • 1. OpenID & OAuth for the Consumer Web Chris Messina David Primmer Eric Sachs Ping Cloud Identity Summit Keystone, CO July 20, 2010
  • 2. Agenda • The Value • The Technology • The Future • Breakouts
  • 3. Agenda • The Value • The Technology • The Future • Breakouts
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22. Why support third party auth? (Answers that relying parties should care about!) • Who do you want to be, in this context? • Who do you want to hang out with (in this context)? • How can we be instantly relevant and meet your needs with minimal effort? • What kind of handles and scaffolding can we provide to make it easier to create social interaction? 22
  • 23. Why
  • 25.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36. Plaxo’s 92% success story • specially-crafted email to Gmail users • Gmail users likely to have Google profile & address book • one-click sign up and address book import • also requests name, verified email address
  • 37. Plaxo’s 92% success story • Better for the user: higher success rate with no password anti- pattern • Better for the provider: Happy users and no automated data scraping • Better for the site: Higher conversion rate; more informed social graph
  • 38. + + Portable Contacts
  • 39.
  • 40. Photo by Teresa Stanton
  • 41. Unique OpenID Relying Parties As of July 1, 2009 50,000 40,000 30,000 20,000 10,000 0 5 06 06 06 6 07 07 07 7 08 08 08 8 09 09 /0 /0 /0 /0 1/ 4/ 7/ 1/ 4/ 7/ 1/ 4/ 7/ 1/ 7/ 10 10 10 Data from Janrain 10
  • 44. OpenID usage trends (Janrain) OpenID Providers on UserVoice 34% 33% 10% 15% 8% Google Facebook Yahoo! Other Twitter Data from Janrain, May 2010
  • 45. OpenID usage trends (Janrain) OpenID Providers on Interscope Records 8% 12% 12% 52% 6% 10% Google Facebook Yahoo! Other Twitter MySpace Data from Janrain, May 2010
  • 46. OpenID usage trends (Janrain) OpenID Providers on sulit.com.ph 10% 24% 1% 64% Google Facebook Yahoo! Other Chart from Janrain, January 2009
  • 47. OpenID usage trends (Janrain) Sign in preferences across all properties 23.5% Google 38.8% Facebook Yahoo! Other (MySpace, Windows Live, AOL, etc) 13.0% Twitter 5.8% 18.9% Data from Janrain, May 2010
  • 48. Gigya
  • 49. Third-party authentication usage trends (Gigya) Sign in preferences across all Gigya properties Source: Gigya, June 2010
  • 50. Third-party authentication usage trends (Gigya) Sign in preferences across entertainment sites Source: Gigya, June 2010
  • 51. Third-party authentication usage trends (Gigya) Sign in preferences across news sites Source: Gigya, June 2010
  • 52. Third-party authentication usage trends (Gigya) Sign in preferences across B2B sites Source: Gigya, June 2010
  • 53. Echo
  • 55. What does this tell us? 54
  • 56. What does this tell us? • People use different identities for different purposes 54
  • 57. What does this tell us? • People use different identities for different purposes • Ultimately choice and competition is a good thing to foster in this early landscape 54
  • 58. What does this tell us? • People use different identities for different purposes • Ultimately choice and competition is a good thing to foster in this early landscape • Digital identity is in its infancy; it’s too early to pick the winners 54
  • 59. What does this tell us? Basecamp Lady Gaga
  • 60.
  • 61. +
  • 62. Totals Janrain OAuth 32% OpenID 48%+ Gigya OAuth 62% OpenID 38% Echo OAuth 35% OpenID 64%
  • 66. How
  • 68.
  • 69.
  • 70.
  • 71.
  • 73. Photo by Vaguely Artistic
  • 74.
  • 75.
  • 76.
  • 77.
  • 78.
  • 79.
  • 80.
  • 81.
  • 82.
  • 83.
  • 84.
  • 85. XAuth
  • 86.
  • 87.
  • 88.
  • 89.
  • 90.
  • 93. The Hammer Stack Discovery for the open web
  • 94. How WebFinger works Enter email: Email Lookup
  • 95. How WebFinger works Enter email: chris.messina@gmail.com Lookup
  • 96. How WebFinger works Enter email: chris.messina@gmail.com Lookup
  • 97. How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com
  • 98. How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com { domain
  • 99. How WebFinger works Discovering a user’s WebFinger profile chris.messina@gmail.com { domain
  • 100. How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
  • 101. How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
  • 102. How WebFinger works Use host meta to retrieve an LRDD document $curl http://gmail.com/.well-known/host-meta
  • 103. How WebFinger works Server returns LRDD document <?xml version='1.0' encoding='UTF-8'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'      xmlns:hm='http://host-meta.net/xrd/1.0'>   <hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com</hm:Host>   <Link rel='lrdd'         template='http://www.google.com/s2/webfinger/?q={uri}'>     <Title>Resource Descriptor</Title>   </Link> </XRD>
  • 104. How WebFinger works Server returns LRDD document <?xml version='1.0' encoding='UTF-8'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'      xmlns:hm='http://host-meta.net/xrd/1.0'>   <hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com</hm:Host>   <Link rel='lrdd'         template='http://www.google.com/s2/webfinger/?q={uri}'>     <Title>Resource Descriptor</Title>   </Link> </XRD>
  • 105. How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri}
  • 106. How WebFinger works Plugin acct: into URI Template chris.messina@gmail.com http://www.google.com/s2/webfinger/?q={uri}
  • 107. How WebFinger works Plugin acct: into URI Template acct:chris.messina@gmail.com http://www.google.com/s2/webfinger/?q={uri}
  • 108. How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri} acct:chris.messina@gmail.com
  • 109. How WebFinger works Plugin acct: into URI Template http://www.google.com/s2/webfinger/?q={uri} acct:chris.messina@gmail.com
  • 110. How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
  • 111. How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
  • 112. How WebFinger works Retrieve WebFinger document $curl http://www.google.com/s2/webfinger/?q=acct:chris.messina@gmail.com
  • 113. How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
  • 114. How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
  • 115.
  • 116. How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
  • 117. How WebFinger works XRD Profile <?xml version='1.0'?> <XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'> <Subject>acct:chris.messina@gmail.com</Subject> <Alias>http://www.google.com/profiles/chris.messina</Alias> <Link rel='http://portablecontacts.net/spec/1.0' href='http://www-opensocial.googleusercontent.com/api/people/'/> <Link rel='http://webfinger.net/rel/profile-page' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://microformats.org/profile/hcard' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://gmpg.org/xfn/11' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='http://specs.openid.net/auth/2.0/provider' href='http://www.google.com/profiles/chris.messina'/> <Link rel='describedby' href='http://www.google.com/profiles/chris.messina' type='text/html'/> <Link rel='describedby' href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&amp;fmt=foaf' type='application/rdf+xml'/> <Link rel='http://schemas.google.com/g/2010#updates-from' href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted' type='application/atom+xml'/> </XRD>
  • 118. Putting it together Making OpenID easier using an email address Enter email: Email Connect Lookup
  • 119. Putting it together Making OpenID easier using an email address Enter email: Email Connect
  • 120. Putting it together Making OpenID easier using an email address Enter email: chris.messina@gmail.com Connect
  • 121. Putting it together Making OpenID easier using an email address Enter email: chris.messina@gmail.com Connect
  • 122.
  • 123. Putting it together Making OpenID easier using an email address Signed in as: Chris Messina 
  • 124. Putting it together Making OpenID easier using an email address Signed in as: Chris Messina 
  • 126. The anatomy of connect ...according to David Recordon 95 Source O’Reilly Radar.
  • 127. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) 95 Source O’Reilly Radar.
  • 128. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) 95 Source O’Reilly Radar.
  • 129. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) 95 Source O’Reilly Radar.
  • 130. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) • Activity (poked, bought, shared, blogged) 95 Source O’Reilly Radar.
  • 131. The anatomy of connect ...according to David Recordon • Profile (identity, accounts, profiles) • Relationships (followers, friends, contacts) • Content (posts, photos, videos, links) • Activity (poked, bought, shared, blogged) • Goal: Discovery of new people and content 95 Source O’Reilly Radar.
  • 133. Agenda • The Value • The Technology • The Future • Breakouts