What It Is

How It Works

Why You Should

Care

Scott LeslieWCET/BCcampus

November 7, 2007

What is OpenID?

• “De-centralised Single Sign-on for the Web which puts individuals in charge”1

• “OpenID eliminates the need for multiple usernames across different websites”2

1 Powell and Recordon, “OpenID: Decentralised Single Sign-on for the Web,” http://www.ariadne.ac.uk/issue51/powell-recordon/ Last Viewed: Oct 30, 2007.

2 OpenID “What is OpenID” http://openid.net/what/ Last Viewed: Oct 30, 2007

Say what?

Let’s try a demo instead…

• http://blog.dataunbound.com/

• http://www.51weeks.com/events/3/presentations/49

Some of OpenID’s benefits• Users choose and can control their

OpenID provider• De-centralized - no single server

which every OpenID-enabled service or every user must register

• Users authentication credentials are only stored one place

• Usually an easy to remember URL (e.g. edtechpost.myopenid.com)

Additional Benefits

• Uses only standard HTTP(S), does not require any special capabilities of the User-Agent or other client software.

What it is Not

• It does not try to provide trust or distributed authorization solutions

• It will never be a replacement for current on-campus single sign on technologies– But maybe it will be a compliment

http://www.xmlgrrl.com/blog/archives/2007/03/28/the-venn-of-identity/

Ok, but why should I care?

OpenID Providers• 9 million users on LiveJournal.com • AOL - 63 million users got

OpenIDs in one fell swoop• 1 million+ smart card based

OpenIDs issued in Estonia• openid.sun.com – 34,000 Sun

employee issued an OpenID• Microsoft intend to integrate

OpenID into Cardspace

OpenID Consumers

• Libraries which support it in app development frameworks like Ruby on Rails, Zend PHP, Django Python

• 100s of services & apps which support OpenIDs, cf. https://www.myopenid.com/directory and http://openiddirectory.com/

Right, but like I said, why should I care?

Avoid Becoming a Technology Ghetto

http://www.flickr.com/photos/extraketchup/737480991/

Respect Existing Online Identities

http://www.flickr.com/photos/jimfrazier/1187369664/

Give User Choice to Merge Campus Life and Online Life

http://www.flickr.com/photos/re100cyber/1435723666/

Where is it going?• OpenID 2 - differences?

– Addressing ‘phising’ issue– Interop with Identity Selectors like

Cardspace– Attribute Exchange Extension– Works with Yadis– http://openid.net/specs/openid-

authentication-2_0-12.html

• OpenID and SAML• User Centric Identity Interop tests

http://osis.netmesh.org/wiki/I2_Results

How Higher Ed can work with OpenID?• Become an OpenID provider

– cf. https://login.case.edu/id and https://openid.byu.edu/

– cf. http://www.ja-sig.org/wiki/display/CASUM/OpenID

• Ask yourself – are there applications we provide which could use OpenID?– How about when they become alumni?

Further Reading

• Sam Ruby – “OpenID for non-SuperUsers”– http://www.intertwingly.net/blog/

2007/01/03/OpenID-for-non-SuperUsers

• Powell and Recordon - “OpenID: Decentralised Single Sign-on for the Web”–

http://www.ariadne.ac.uk/issue51/powell-recordon/

Thanks

Feel free to contact me at

scott.leslie@shaw.ca