Weitere ähnliche Inhalte Ähnlich wie OpenID & OAuth for the Consumer Web Workshop, Part 1 of 3 (9) Mehr von Chris Messina (20) Kürzlich hochgeladen (20) OpenID & OAuth for the Consumer Web Workshop, Part 1 of 31. OpenID & OAuth for the
Consumer Web
Chris Messina
David Primmer
Eric Sachs
Ping Cloud Identity Summit
Keystone, CO
July 20, 2010
22. Why support third party auth?
(Answers that relying parties should care about!)
• Who do you want to be, in this context?
• Who do you want to hang out with (in this context)?
• How can we be instantly relevant and meet your needs
with minimal effort?
• What kind of handles and scaffolding can we provide to make it
easier to create social interaction?
22
36. Plaxo’s 92% success story
• specially-crafted email to Gmail users
• Gmail users likely to have Google profile & address book
• one-click sign up and address book import
• also requests name, verified email address
37. Plaxo’s 92% success story
• Better for the user: higher success rate with no password anti-
pattern
• Better for the provider: Happy users and no automated data
scraping
• Better for the site: Higher conversion rate; more informed social
graph
38. + + Portable Contacts
41. Unique OpenID Relying Parties
As of July 1, 2009
50,000
40,000
30,000
20,000
10,000
0
5
06
06
06
6
07
07
07
7
08
08
08
8
09
09
/0
/0
/0
/0
1/
4/
7/
1/
4/
7/
1/
4/
7/
1/
7/
10
10
10
Data from Janrain
10
44. OpenID usage trends (Janrain)
OpenID Providers on UserVoice
34% 33%
10%
15%
8%
Google Facebook Yahoo! Other
Twitter
Data from Janrain, May 2010
45. OpenID usage trends (Janrain)
OpenID Providers on Interscope Records
8%
12%
12%
52%
6%
10%
Google Facebook Yahoo! Other
Twitter MySpace
Data from Janrain, May 2010
46. OpenID usage trends (Janrain)
OpenID Providers on sulit.com.ph
10%
24%
1%
64%
Google Facebook Yahoo! Other
Chart from Janrain, January 2009
47. OpenID usage trends (Janrain)
Sign in preferences across all properties
23.5%
Google
38.8%
Facebook
Yahoo!
Other (MySpace, Windows Live, AOL, etc)
13.0%
Twitter
5.8%
18.9%
Data from Janrain, May 2010
56. What does this tell us?
• People use different identities for different purposes
54
57. What does this tell us?
• People use different identities for different purposes
• Ultimately choice and competition is a good thing to foster in this
early landscape
54
58. What does this tell us?
• People use different identities for different purposes
• Ultimately choice and competition is a good thing to foster in this
early landscape
• Digital identity is in its infancy; it’s too early to pick the winners
54
62. Totals
Janrain OAuth 32%
OpenID 48%+
Gigya OAuth 62%
OpenID 38%
Echo OAuth 35%
OpenID 64%
103. How WebFinger works
Server returns LRDD document
<?xml version='1.0' encoding='UTF-8'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'
xmlns:hm='http://host-meta.net/xrd/1.0'>
<hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com</hm:Host>
<Link rel='lrdd'
template='http://www.google.com/s2/webfinger/?q={uri}'>
<Title>Resource Descriptor</Title>
</Link>
</XRD>
104. How WebFinger works
Server returns LRDD document
<?xml version='1.0' encoding='UTF-8'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'
xmlns:hm='http://host-meta.net/xrd/1.0'>
<hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com</hm:Host>
<Link rel='lrdd'
template='http://www.google.com/s2/webfinger/?q={uri}'>
<Title>Resource Descriptor</Title>
</Link>
</XRD>
113. How WebFinger works
XRD Profile
<?xml version='1.0'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Subject>acct:chris.messina@gmail.com</Subject>
<Alias>http://www.google.com/profiles/chris.messina</Alias>
<Link rel='http://portablecontacts.net/spec/1.0'
href='http://www-opensocial.googleusercontent.com/api/people/'/>
<Link rel='http://webfinger.net/rel/profile-page'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://microformats.org/profile/hcard'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://gmpg.org/xfn/11'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://specs.openid.net/auth/2.0/provider'
href='http://www.google.com/profiles/chris.messina'/>
<Link rel='describedby'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='describedby'
href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&fmt=foaf'
type='application/rdf+xml'/>
<Link rel='http://schemas.google.com/g/2010#updates-from'
href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted'
type='application/atom+xml'/>
</XRD>
114. How WebFinger works
XRD Profile
<?xml version='1.0'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Subject>acct:chris.messina@gmail.com</Subject>
<Alias>http://www.google.com/profiles/chris.messina</Alias>
<Link rel='http://portablecontacts.net/spec/1.0'
href='http://www-opensocial.googleusercontent.com/api/people/'/>
<Link rel='http://webfinger.net/rel/profile-page'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://microformats.org/profile/hcard'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://gmpg.org/xfn/11'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://specs.openid.net/auth/2.0/provider'
href='http://www.google.com/profiles/chris.messina'/>
<Link rel='describedby'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='describedby'
href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&fmt=foaf'
type='application/rdf+xml'/>
<Link rel='http://schemas.google.com/g/2010#updates-from'
href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted'
type='application/atom+xml'/>
</XRD>
116. How WebFinger works
XRD Profile
<?xml version='1.0'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Subject>acct:chris.messina@gmail.com</Subject>
<Alias>http://www.google.com/profiles/chris.messina</Alias>
<Link rel='http://portablecontacts.net/spec/1.0'
href='http://www-opensocial.googleusercontent.com/api/people/'/>
<Link rel='http://webfinger.net/rel/profile-page'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://microformats.org/profile/hcard'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://gmpg.org/xfn/11'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://specs.openid.net/auth/2.0/provider'
href='http://www.google.com/profiles/chris.messina'/>
<Link rel='describedby'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='describedby'
href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&fmt=foaf'
type='application/rdf+xml'/>
<Link rel='http://schemas.google.com/g/2010#updates-from'
href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted'
type='application/atom+xml'/>
</XRD>
117. How WebFinger works
XRD Profile
<?xml version='1.0'?>
<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
<Subject>acct:chris.messina@gmail.com</Subject>
<Alias>http://www.google.com/profiles/chris.messina</Alias>
<Link rel='http://portablecontacts.net/spec/1.0'
href='http://www-opensocial.googleusercontent.com/api/people/'/>
<Link rel='http://webfinger.net/rel/profile-page'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://microformats.org/profile/hcard'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://gmpg.org/xfn/11'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='http://specs.openid.net/auth/2.0/provider'
href='http://www.google.com/profiles/chris.messina'/>
<Link rel='describedby'
href='http://www.google.com/profiles/chris.messina'
type='text/html'/>
<Link rel='describedby'
href='http://s2.googleusercontent.com/webfinger/?q=chris.messina%40gmail.com&fmt=foaf'
type='application/rdf+xml'/>
<Link rel='http://schemas.google.com/g/2010#updates-from'
href='http://buzz.googleapis.com/feeds/102034052532213921839/public/posted'
type='application/atom+xml'/>
</XRD>
126. The anatomy of connect
...according to David Recordon
95 Source O’Reilly Radar.
127. The anatomy of connect
...according to David Recordon
• Profile (identity, accounts, profiles)
95 Source O’Reilly Radar.
128. The anatomy of connect
...according to David Recordon
• Profile (identity, accounts, profiles)
• Relationships (followers, friends, contacts)
95 Source O’Reilly Radar.
129. The anatomy of connect
...according to David Recordon
• Profile (identity, accounts, profiles)
• Relationships (followers, friends, contacts)
• Content (posts, photos, videos, links)
95 Source O’Reilly Radar.
130. The anatomy of connect
...according to David Recordon
• Profile (identity, accounts, profiles)
• Relationships (followers, friends, contacts)
• Content (posts, photos, videos, links)
• Activity (poked, bought, shared, blogged)
95 Source O’Reilly Radar.
131. The anatomy of connect
...according to David Recordon
• Profile (identity, accounts, profiles)
• Relationships (followers, friends, contacts)
• Content (posts, photos, videos, links)
• Activity (poked, bought, shared, blogged)
• Goal: Discovery of new people and content
95 Source O’Reilly Radar.