Skip to content
Friday, May 09, 2025
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn

.Nat Zone

Digital Identity and Privacy
.Nat Zone
Digital Identity and Privacy
  • About Nat Sakimura
.Nat Zone
Digital Identity and Privacy
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn

Category: OpenID Connect

OAuth OpenID Connect

What encoding should a URI in OpenID and OAuth discovery document use for an internationalized domain name (IDN)?

Nat April 4, 2018 No Comments discoveryjsonJWTpunycodeRFC3986UTF-8

So, what encoding should a URI in OpenID Connect and OAuth discovery document use for an internationalized domain name such as “müsik.example.com”? . One option is…

View More What encoding should a URI in OpenID and OAuth discovery document use for an internationalized domain name (IDN)?
identity OpenID Connect security

Blockchain Use cases and Identity

Nat February 17, 2018 No Comments Self Issued IdentitySelf Issued IdPSelf-sovereign Identity

I just came across with Don Tapscott’s TED Talk titled “How the blockchain is changing money and business” . In it, he talks about 5 potential…

View More Blockchain Use cases and Identity
Financial API OAuth OpenID Connect

API Days Berlin 2017 Presentation

Nat November 9, 2017 No Comments APIdaysBerlin

Here is the slide I used for APIDays Berlin 2017: Banking APIs and PSD2 — The finish line for PSD2 and Open Banking. A couple of…

View More API Days Berlin 2017 Presentation
Financial API identity OAuth OpenID Connect OpenID Foundation security

APIDays 2016: Financial Grade OAuth & OpenID Connect

Nat December 14, 2016 No Comments APIAPIdaysOpen BankingPSD2

Here is the slide I used in API Days Paris 2016, for the Banking track. Direct link to slideshare: http://www.slideshare.net/nat_sakimura/financial-grade-oauth-openid-connect Hope they are useful.

View More APIDays 2016: Financial Grade OAuth & OpenID Connect
identity OAuth OpenID Connect OpenID Foundation privacy security

FAPI Presentation at Open Data in Finance Conference @ London

Nat June 15, 2016 No Comments #odfFAPIFianncial APIPSD2

Here is the presentation file that I used for my 10 minutes OpenID Foundattion Financial API WG presentation at the Open Data in Finance Conference ( June 15,…

View More FAPI Presentation at Open Data in Finance Conference @ London
Financial API identity OAuth OpenID Connect OpenID Foundation security

Open Data in Finance Conference: Chair’s Welcome

Nat June 15, 2016 No Comments

Here is the script of the Chair’s remark at the opening of the Open Data in Fianance Conference in London (June 15, 2016) 09:00 –…

View More Open Data in Finance Conference: Chair’s Welcome
identity OAuth OpenID Connect

Authorization Delegation: A financial accounts aggregation use case

Nat January 29, 2016 1 Comment

I have many bank accounts. If I wanted to use a new and shiny graphing service, I have to get authorization from each banks individually.…

View More Authorization Delegation: A financial accounts aggregation use case
OAuth OpenID Connect security

Cut and pasted code attack in OAuth 2.0 [RFC6749]

Nat January 25, 2016 6 Comments

The so called ‘cut and pasted code attack’ also known as ‘Frankenstein Monster Attack’ is an attack that the adversary swaps the ‘code’ in the…

View More Cut and pasted code attack in OAuth 2.0 [RFC6749]
identity OAuth OpenID Connect security

Code phishing attack on OAuth 2.0 [RFC6749]

Nat January 22, 2016 9 Comments code phishingmix-upOAuth IdP Mix-up attack

Code phishing attack is the attack that the adversary obtains the code and client credentials from the legitimate client and uses them against the honest token…

View More Code phishing attack on OAuth 2.0 [RFC6749]
OAuth OpenID Connect security

IdP Mix-up Attack on OAuth [RFC6749]

Nat January 15, 2016 1 Comment OAuth IdP Mix-up attack

On Sunday 10, 2016, OAuth Security Advisory: Authorization Server Mix-Up was issued. Nov Matake wrote an excellent article about it in Japanese. To help understand the…

View More IdP Mix-up Attack on OAuth [RFC6749]

Posts pagination

Previous page Page 1 Page 2 Page 3 … Page 5 Next page

Categories

Archives

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

OpenID Connect in a nutshell

Nat January 20, 2012 39 Comments

Write an OpenID Connect server in three simple steps

Nat July 28, 2013 31 Comments
Fig.3 OpenID Connect Authentication

Dummy’s guide for the Difference between OAuth Authentication and OpenID

Nat May 15, 2011 26 Comments

Making a Javascript OpenID Connect Client in 4 steps

Nat December 10, 2014 26 Comments
GAIN Intro Slide title page

Announcing GAIN: Global Assured Identity Network

Nat September 14, 2021 10 Comments
[…] (日本語機械翻訳。英語原文はこちら) […]
The Evolution of Digital Identity: OpenID’s Journey (SIDI Hub Tokyo Opening Speech) – @_Nat Zone
November 12, 2024 @ 4:30 AM
[…] conference’s content director, I...
[June 4] Join us for a Keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:41 PM
[…] this session was planned...
[June 4] Join us for a Keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:35 PM
[…] this session was planned...
[June 4]I will deliver a keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:31 PM
[…] is the adoptation of...
The Miserable Society and the Identity System: The Dangers of Data Linking as Seen in Victor Hugo’s Les Misérables (2024 EU Version) – .Nat Zone
June 2, 2024 @ 7:04 PM
#Certification #cis2012 #EIC18 #eKYC #idnetity #odf #OECDDigitalMX #PowerToThePeople +1 4th Industrial Revolution ab adoption aggregated claims AI Amazing Grace AML API APIdays APP Scams Apple authentication Authorizaiton Server automotive Ave Verum Corpus Berlin BitCoin Blockchain Book BrowserID CAN Bus cat10 cembalo Certification ChatGPT Christmas cimbalom Citi claims code phishing connect cookie CPE Bach cut-n-paste cx data breach data leakage DataRights delegation DID Digital Deflation Digital Identity discovery distributed claims Distributed Ledger e-Residency Card eDIAS eic17 eic2013 EIC2022 eIDAS encryption error Estonia Ethics EU EU AMLR EU DI Wallet EUDIW facebook FAPI FDX federated identity fedlab Fianncial API Fintech flute GAIN GDPR Google Google Bard gov2.0 Governance government systems HoK Holiday music ID2020 idcon iddy identifier identity Identity Assurance Identity Ecosystem Identity in Conflict Identiverse IdP ietf IETF 92 iiw Implementer's Draft IoT ITAC japan json JWS JWT Kantara Les Miserables Linux Foundation LoA Managed Apple ID marimba MCP mix-up mix-up attack mobile MODRNA Mozart MyData National Identity NIST NSTIC nttdocomo oath2 OAuth OAuth 2.0 Authentication OAuth Authentication OAuth IdP Mix-up attack OECD OIDC oidf oidf-j Open Banking Open Finance open source openid OpenID 2.0 OpenID Connect OpenID Foundation Workshp openid/abc OpenSSL OpenWallet passkeys password persona phishing PID privacy Privmas Protected resource PSD2 PSD3 punycode refugee regulations relationship response_type RFC RFC3986 RFC6749 RFC6750 rp saml SBT SCIM scope scopes seasons greeting security Sef-issued identity Self Issued Identity Self Issued IdP Self-issued OP Self-sovereign Identity Shared Signals Siciliano signature SIIdP SIOP slack SP800-63 Specs spinet SSF SSI test Tokens tracking trust trust framework TUAC twitter UK Open Banking Ukraine uma UTF-8 VC Verifiable Credentials video vote W3C wallet wallets Web3 Web5 XARA xrds Youtube
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn
.Nat Zone | Designed by: Theme Freesia | WordPress | © Copyright All right reserved
 

Loading Comments...
 

You must be logged in to post a comment.

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok