Proof-Of-Possession Semantics for JSON Web Tokens (JWTs) draft 02 has been under WGLC till yesterday (March 24, 2015). During the OAuth WG meeting at IETF 92…
View More Review Comments for draft-ietf-oauth-proof-of-possession-02
Author: Nat
Having been working on Digital Identity since 2000.
Co-author of various identity related specifications like OpenID Connect, JSON Web Token.
Chair of the OpenID Foundation (2011-)
Vice Chair of the OpenID Foundation (2010),
Founder of OpenID Foundation Japan (2008-),
Trustee of Kantara Initiative (2009-).
Seasons Greetings 2014
Seasons greetings video as a replacement to a greeting card. The Christmas Song was written by Mel Torme & Robert Wells on a hot summer day…
View More Seasons Greetings 2014
Making a Javascript OpenID Connect Client in 4 steps
When John, Breno, and I started the OpenID Connect work, one of the target was to make it as simple as putting two files on…
View More Making a Javascript OpenID Connect Client in 4 steps
Autumn Greetings from Japan
Japan is now fully in Autumn. Leaves are turning and colours are beautiful. It is unfortunate that I cannot spend much time in Japan right…
View More Autumn Greetings from Japan
draft 02 of OpenID 2.0 to Connect Migration is now available
OpenID 2.0 to OpenID Connect Migration (aka OID2 to OIDC Migration) is a spec that allows RPs to associate the old OpenID 2.0 identifiers to…
View More draft 02 of OpenID 2.0 to Connect Migration is now available
Public Review of UMA 0.9 is going on
June 24: The three main UMA Version 0.9 specifications – UMA Core , OAuth Resource Set Registration , and UMA Claim Profiles – are out for a45-day public review period ending September 6 at 17:00…
View More Public Review of UMA 0.9 is going on
New vulnerability on OpenSSL found
A new bug in OpenSSL was found by Masashi Kikuchi of Lepidum. It affects all versions of OpenSSL earlier than 1.0.1. For details, please refer…
View More New vulnerability on OpenSSL foundCovert Redirect is not new but.. A risk analysis and recommendations
So, there has been a flurry of worries induced by the CNET and other articles [1] about “Covert Redirect”. Like Leandro Boffi wrote in his blog…
View More Covert Redirect is not new but.. A risk analysis and recommendations
OpenID Connect is here! – An Identity Layer on the internet
Celebrate! OpenID Connect 1.0 Final is here! After four and half years, or six years if we include the time needed to start the working…
View More OpenID Connect is here! – An Identity Layer on the internet
Identity Management TechDay
Invitation to the Identity Management TechDayon March 20, 2014 in Darmstadt, Germany Dear colleagues, We are pleased to invite you to the Customer…
View More Identity Management TechDay