2. What is OpenID? OpenID is a decentralised Single Sign On system for the web. An Introduction
3. Why OpenID? Too many user names? Too many passwords? User name already taken? An Introduction
4. What is an OpenID? An OpenID is simply a URI, e.g. http://mmanders.myopenid.com An Introduction
5. So what? You can claim ownership of a URI. The ability to prove ownership of a URI can facilitate authentication. An Introduction
6. How? You don’t authenticate to a site with credentials agreed on with that site. You authenticate with credentials agreed on with your ID Provider. An Introduction
7. This sounds familiar! It’s Similar to Microsoft Passport. It’s different in that Microsoft doesn’t have ownership – you do! An Introduction
8. This sounds familiar! It’s an open standard. The standard isn’t owned by any single organisation. You don’t have to seek Microsoft permission to implement it. An Introduction
9. Who has ownership? You do! You pick an Identity Provider. Or implement the server-side yourself! An Introduction
11. How does sign-up fit in? Augments the sign-up process. Doesn’t provide information; authentication only. Still need CAPTCHAs. An Introduction
12. Where does sign-up fit? Simple Registration Extension provides lightweight exchange of profile information. Beyond the scope of this introduction. An Introduction
13. How does OpenID work? Link tag on OpenID page. <link rel=“openid.server” href=http://www.myopenid.com/server /> An Introduction
14. How does OpenID work? Relying party establishes a shared secret with Identity Provider using Diffie-Hellman key exchange. An Introduction
15. How does OpenID work? HTML at URI is parsed to discover Identity Provider. An Introduction
16. How does OpenID work? User is redirected to Identity Provider in order to authenticate. An Introduction
17. How does OpenID work? User is redirected back to relying party and shared secret is used to guard against spoofed requests. An Introduction
18. Can I use my own URI? Using delegation, you can use your own domain as your OpenID! An Introduction
19. Can I use my own URI? Put the following link tags in the head section of your domain index page: <link rel=“openid.server” href=“<id_server”> /> <link rel=“openid.delegate” href=“<delegate url>” /> An Introduction
20. Can I use my own URI? For example, until I implement my own server, I use: <link rel=“openid.server” href=http://www.myopenid.com/server /> <link rel=“openid.delegate” href=http://maxmanders.myopenid.com /> An Introduction
21. Can I change providers? What if I don’t trust my provider? You can simply delegate authority to a different provider! An Introduction
22. Further Reading… The Specifications: http://openid.net Wikipedia: http://en.wikipedia.org/wiki/OpenID Implementation Libraries: http://openidenabled.com Jan Rain: http://janrain.com/openid An Introduction
23. Thank You! Max Manders http://maxmanders.co.uk [email_address] An Introduction