6. OAUTH 2.0
• Service Chaining With Oauth Bearer Tokens
• Federated Authorization w/ OAuth2
• OAuth
Web Authentication Where the Protocol is
and What’s Next
• Identity
Layer 4 OAuth 2 and Multi-Protocol
Support Discussion
7. FEDERATED AUTHORIZATION W/ OAUTH2
Federated
Client Resource Server AuthZ Server
Auth Grant
JWT Token
JWT as Bearer
Validate JWT
(OPTIONAL)
Resource
8. FEDERATED AUTHORIZATION W/ OAUTH2
Federated
Client Resource Server AuthZ Server
Auth Grant
JWT Token
JWT as Bearer
Validate JWT
(OPTIONAL)
Resource
9. OAUTH WEB AUTHENTICATION
WHAT’S NEXT
• OAuth 2.0 RFC expected in Nov 2011
• Identity layer in OAuth not in OpenID Connect?
• OAuth WG Rechartering
[OAuth WG]
JWT, SWD, OAuth Assertions, OAuth SAML profile,
Token Revocation, OAuth JWT profile
[JOSE WG]
JWS, JTE, JWK
11. OPENID CONNECT
• OpenID Connect Intro
• OpenID Connect Spec Work Client Registration
• OpenID Connect Spec Work Session
• OpenID Connect Editing Session
• OpenID Connect Flows and Levels of Assurance
• Smart
OpenID Connect Chip to Cloud via OpenID
Connect
12. OPENID CONNECT
• OpenID Connect Intro
• OpenID Connect Spec Work Client Registration
MAINLY SPEC WORKS,
• OpenID Connect Spec Work Session
BUT LOTS OF MENTIONS AROUND
• OpenID Connect Editing Session
• OpenID Connect Flows and Levels of Assurance
• Smart
OpenID Connect Chip to Cloud via OpenID
Connect
13. OPENID WORKSHOP
• 10/17 at AOL (the day before IIW#13 started)
• Interop Review
• @ritou, @nov, NRI US (Edmund)
• Discussion about Implementers Dra3
• Open Issues Review
14. MONETIZING STREET IDENTITY &
MOBILE AUTHENTICATION ‘LMNOP’
verified address
$x.xx
verify
verified $1.00
address
RPs
http://j.mp/street_identity
17. • 1st F2F meet-up w/ @pelleb & @tomwiththeweath
• Spec Updates
• 1st formal-ish document (opentransact.org/core)
• OAuth 2.0 based (will be OpenID Connect based)
• Receipt format, Discovery etc.
18. • OAuth 2.0 spec is going to next phase
• More extensions, federation, service-chaining etc.
• OpenID Connect is hot
• Implementers Dra3 coming soon..
• Open Identity Attribute Exchange Summit
(11/09-10 in Washington, D.C.)
19. OPEN TRANSACT
[HOMEWORK]
MAKE THIS OPENID CONNECT BASED
Hinweis der Redaktion
\n
毎年春秋2回 @ Computer History Museum\n