.Nat Zone

Self-issued OP (SIOP) is defined in Chapter 7 of OpenID Connect (2014). If we take  that the Identity (set of data related to the entity) needs to be

I will be speaking at Trustech 2018 at 10:35 AM on November 27, during the track “IDENTITY AND PRIVACY: THE FULL PICTURE”.  You can find the information about

I am now in Singapore to deliver a keynote at Consumer Identity World APAC 2018.  Let us connect if you are around. 

In this episode, I used the Facebook hack as the leeway to explain why using an access token to represent a user is a bad idea.

I will be moderating a Panel titled “Blockchain: X-Border talk with the tech community” this Thursday. It is a part of the symposium called “Fin/Sum 2018” hosted by

This week, I have explained often an untalked property of OAuth 2.0.

Hi, Nat Sakimura here. In the last week’s episode, I have explained what are sender constrained tokens But you may wonder where these are going to be used.

In the episode #1, I have explained that OAuth uses metro ticket like “tokens” to access a protected resource. These are called bearer tokens as anybody who bears

I have started a new Youtube video series to explain the concepts of OAuth 2.0 to non-technical people. The series name is “2 minutes OAuth”. As the name

Main complaints around Self-Sovereign Identity fiasco that I have is that it is at best “Self-sovereign Identifier”. You will see it if you read the W3C community group draft.