Building the Social Web with OpenID
-
Upload
simon-willison -
Category
Technology
-
view
115 -
download
0
description
Transcript of Building the Social Web with OpenID
![Page 1: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/1.jpg)
Building theSocial Web with
Simon WillisonPyCon UK, 8th September 2007
![Page 2: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/2.jpg)
?Who here has used OpenID?
![Page 3: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/3.jpg)
?Who uses it regularly?
![Page 4: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/4.jpg)
Four problems
• Usernames and passwords suck
• Signing up for new accounts is a pain
• My online identity exists in dozens of different places
• Social software suffers from too much overhead
![Page 5: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/5.jpg)
Four problems
• Usernames and passwords suck
• Signing up for new accounts is a pain
• My online identity exists in dozens of different places
• Social software suffers from too much overhead
(and their OpenID related solutions)
![Page 6: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/6.jpg)
Usernames and passwords suck
![Page 7: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/7.jpg)
![Page 8: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/8.jpg)
“
”
We want to make you aware that media of ours that contained a backup of a portion of the reddit
database was stolen recently [...] we wanted to alert you to the possibility that your username, password, and -- in some cases -- e-mail address
may have been compromised.
Steve Huffman, reddit.com
![Page 9: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/9.jpg)
• Don’t store plaintext passwords in your application’s database
• Don’t use the same password on more than one site!
Two lessons
![Page 10: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/10.jpg)
![Page 11: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/11.jpg)
The Web needsSingle Sign On
![Page 12: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/12.jpg)
?
![Page 13: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/13.jpg)
SSO with a single controlling authoritybetrays the principles
of the Web
![Page 14: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/14.jpg)
OpenID is a decentralised mechanism
for Single Sign On
![Page 15: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/15.jpg)
An OpenID is a URL
![Page 19: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/19.jpg)
http://openid.aol.com/simonwillison/
![Page 20: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/20.jpg)
The OpenID protocol lets you prove that you
own a specific URL
![Page 21: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/21.jpg)
An OpenID can be used as an authentication credential
![Page 22: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/22.jpg)
“Who the heck are you?!”
![Page 23: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/23.jpg)
“I’m simonwillison.net”
![Page 24: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/24.jpg)
“prove it!”
![Page 25: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/25.jpg)
(magic happens)
![Page 26: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/26.jpg)
“OK, you’re in!”
![Page 27: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/27.jpg)
Picking an OpenID is like picking an e-mail
provider - you find one that you trust
![Page 28: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/28.jpg)
If you have the ability to run your own server
software, you can do it for yourself
![Page 29: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/29.jpg)
http://siege.org/projects/phpMyID/
![Page 30: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/30.jpg)
?So how do I use it?
![Page 31: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/31.jpg)
![Page 32: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/32.jpg)
![Page 33: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/33.jpg)
![Page 34: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/34.jpg)
![Page 35: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/35.jpg)
?So my users don’thave to sign up for an
account?
![Page 36: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/36.jpg)
Not necessarily
![Page 37: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/37.jpg)
An OpenID tells youvery little about a user
![Page 38: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/38.jpg)
You don’t knowtheir name
![Page 39: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/39.jpg)
You don’t knowtheir e-mail address
![Page 40: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/40.jpg)
You don’t knowif they’re a personor an evil robot
![Page 41: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/41.jpg)
?Where do I get that information from?
![Page 42: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/42.jpg)
You ask them!
![Page 43: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/43.jpg)
OpenID can help them answer
![Page 44: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/44.jpg)
![Page 45: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/45.jpg)
![Page 46: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/46.jpg)
?So how does OpenIDactually work?
![Page 47: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/47.jpg)
![Page 48: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/48.jpg)
![Page 49: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/49.jpg)
<link rel="openid.server" href="http://www.myopenid.com/server" />
![Page 50: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/50.jpg)
“I’m simonwillison.myopenid.com”
![Page 51: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/51.jpg)
Site fetches HTML,discovers identity provider
![Page 52: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/52.jpg)
Establishes shared secretwith identity provider
(Using Diffie-Hellman key exchange)
![Page 53: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/53.jpg)
Redirects you to the identity provider
![Page 54: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/54.jpg)
If you’re logged in there, you get redirected back
![Page 55: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/55.jpg)
?How does my identityprovider know who I am?
![Page 56: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/56.jpg)
OpenID deliberately doesn’t specify
![Page 57: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/57.jpg)
username/passwordis common
![Page 58: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/58.jpg)
But providers can use other methods if
they want to
![Page 59: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/59.jpg)
Client SSL certificates
![Page 60: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/60.jpg)
Out of band authentication via SMS,
e-mail or Jabber
![Page 61: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/61.jpg)
SecurID keyfobs
![Page 62: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/62.jpg)
No authentication at all (just say “Yes”)
![Page 63: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/63.jpg)
?Just say “yes”?
![Page 64: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/64.jpg)
Yup. That’s the OpenID version of bugmenot.com
![Page 66: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/66.jpg)
Users can give away their passwords today - this is just the OpenID
equivalent
![Page 67: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/67.jpg)
?What if I decide I hate my provider?
![Page 68: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/68.jpg)
Use your owndomain name
![Page 69: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/69.jpg)
Delegate to a provider you trust
![Page 70: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/70.jpg)
![Page 71: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/71.jpg)
![Page 72: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/72.jpg)
<link rel="openid.server" href="http://www.livejournal.com/openid/server.bml"><link rel="openid.delegate" href="http://swillison.livejournal.com/">
![Page 73: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/73.jpg)
Support for delegation is compulsory
![Page 74: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/74.jpg)
This minimises lock in
![Page 75: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/75.jpg)
?So everyone will end upwith one OpenID that
they use for everything?
![Page 76: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/76.jpg)
Probably not
![Page 77: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/77.jpg)
(I have half a dozen OpenIDs already)
![Page 78: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/78.jpg)
People like maintaining multiple online personas
![Page 79: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/79.jpg)
professionalsocialsecret
...
![Page 80: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/80.jpg)
OpenID makes it easier to manage multiple
online personas
![Page 81: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/81.jpg)
Three accounts is still better than three dozen
![Page 82: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/82.jpg)
?If an OpenID is a URL, is there anything else interesting
you can do with it?
![Page 83: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/83.jpg)
Yes. Different OpenIDs can express different things
![Page 84: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/84.jpg)
My AOL OpenID proves my AIM screen name
![Page 85: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/85.jpg)
An OpenID from sun.com proves that someone is a current
Sun employee
![Page 86: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/86.jpg)
A last.fm OpenIDcould incorporatemy taste in music
![Page 87: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/87.jpg)
My LiveJournal OpenID tells you where to find
my blog
![Page 88: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/88.jpg)
OpenID and web service APIs naturally
complement each other
![Page 89: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/89.jpg)
?What about phishing?
![Page 90: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/90.jpg)
Phishing is a problem
![Page 91: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/91.jpg)
I can has lolcats!? BETA
Make your own lolcats! lol
Sign in with your OpenID:
OpenID: Sign in
http://icanhascheezburger.com/2007/05/16/i-has-a-backpack/
![Page 92: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/92.jpg)
Fake edition
Username and password, please!
Your identity provider
Username:
Password:Log in
![Page 93: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/93.jpg)
Identity theft :(
![Page 94: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/94.jpg)
An untrusted site redirects you to your
trusted provider
![Page 95: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/95.jpg)
Sound familiar?
![Page 96: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/96.jpg)
PayPalYahoo! BBAuthGoogle Auth
Google Checkout
![Page 97: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/97.jpg)
One solution: don’t let the user log in on the
identity provider “landing page”
![Page 98: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/98.jpg)
![Page 99: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/99.jpg)
Better solutions
![Page 100: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/100.jpg)
CardSpace
![Page 101: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/101.jpg)
Native browsersupport for OpenID(Firefox 3, Seatbelt)
![Page 102: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/102.jpg)
![Page 103: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/103.jpg)
Competition between providers
![Page 104: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/104.jpg)
?Doesn’t this outsource the security of my users to untrusted third parties?
![Page 105: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/105.jpg)
Yes it does. But...
![Page 106: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/106.jpg)
... so do “forgotten password” e-mails!
![Page 107: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/107.jpg)
If e-mail is secure enough for your user’s
authentication, so is OpenID
![Page 108: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/108.jpg)
Password e-mails are just SSO with an
unavoidably bad user experience
![Page 109: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/109.jpg)
?Best practices for OpenID consumers?
![Page 110: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/110.jpg)
![Page 111: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/111.jpg)
“I forgot my password” becomes “I can’t sign in
with my OpenID”
![Page 112: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/112.jpg)
Allow multiple OpenIDs to be associated with a
single account
![Page 113: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/113.jpg)
People can still signin if one of their
providers is down
![Page 114: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/114.jpg)
People can un-associate an OpenID without
locking themselves out
![Page 115: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/115.jpg)
You can take advantage of site-specific services around each of their
OpenIDs
![Page 116: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/116.jpg)
?What are the privacy implications?
![Page 117: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/117.jpg)
Cross correlation of accounts
![Page 118: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/118.jpg)
Don’t publish a user’s OpenID without making it clear that you’re going
to do that
![Page 119: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/119.jpg)
Allow users to opt-out of sharing their OpenID
![Page 120: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/120.jpg)
?Any other neat tricks?
![Page 121: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/121.jpg)
My online identity exists in dozens of different places
![Page 122: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/122.jpg)
![Page 123: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/123.jpg)
I can use OpenID to tie these profiles together
![Page 124: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/124.jpg)
Portable contact lists
![Page 125: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/125.jpg)
Facebook (and others) currently ask for the
user’s webmail username and password
![Page 126: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/126.jpg)
Lightweight accounts
![Page 127: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/127.jpg)
Pre-approved accounts
![Page 128: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/128.jpg)
Social whitelists
![Page 129: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/129.jpg)
OpenID and microformats
![Page 130: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/130.jpg)
Identity projection
![Page 131: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/131.jpg)
Decentralised social networks
![Page 132: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/132.jpg)
“People keep asking me to join the LinkedIn network, but I’m already part of a network, it’s
called the Internet.”Gary McGraw, via Jon Udell, via Gavin Bell
![Page 133: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/133.jpg)
An open alternative?
![Page 134: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/134.jpg)
?Who else is involved?
![Page 135: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/135.jpg)
Total Relying Parties
0
875
1,750
2,625
3,500
Sep '
05 Oct
Nov Dec
Jan '0
6Fe
bMar Apr May
June
July
Aug Sep
Oct
Nov Dec
Jan '0
7Fe
bMar Apr May
June
![Page 136: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/136.jpg)
![Page 137: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/137.jpg)
?How do I build it in to my Python application?
![Page 138: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/138.jpg)
Open Source libraries from JanRain
![Page 139: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/139.jpg)
![Page 140: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/140.jpg)
![Page 141: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/141.jpg)
![Page 142: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/142.jpg)
![Page 143: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/143.jpg)
OpenID
Smart hackers needed
![Page 144: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/144.jpg)
http://openid.net/
http://www.openidenabled.com/
http://simonwillison.net/tags/openid/
![Page 145: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/145.jpg)
Thank you
![Page 146: Building the Social Web with OpenID](https://reader034.fdocuments.net/reader034/viewer/2022051210/54c8c53c4a795913078b459b/html5/thumbnails/146.jpg)
Questions?