Skip to content
Saturday, November 23, 2024
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn

.Nat Zone

Digital Identity and Privacy
.Nat Zone
Digital Identity and Privacy
  • About Nat Sakimura
.Nat Zone
Digital Identity and Privacy
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn
  • Events identity

    The Evolution of Digital Identity: OpenID’s Journey (SIDI Hub Tokyo Opening Speech)

    Ladies and gentlemen, Let me take you on a journey taken by OpenID Community through the evolution of digital identity – a story that continues…

    Nat October 25, 2024 No Comments
    View More
  • Events identity

    NIST SP800-63-4 2pd Workshop Notes

    NIST SP800-64-4 2nd Public Draft (2pd) was made available a week ago. This was the first of a series of workshops planned and goes over…

    Nat August 29, 2024 No Comments
    View More
  • identity

    Deepfake Damages Worth $40 billion? — The Impact of Generative AI on Identity and Countermeasures

    Improving the Accuracy of Deepfakes Deepfake technology has rapidly developed due to advancements in AI. Early deepfakes were low-quality and easily identifiable as fake. However,…

    Nat August 25, 2024 No Comments
    View More
  • identity

    Summary of ABAC vs. ReBAC: An Authorization Policy Showdown

    I just finished viewing the YouTube movie titled “ABAC vs. ReBAC: An Authorization Policy Showdown”. Following is a short summary of the movie. YouTube Summary…

    Nat August 25, 2024 No Comments
    View More
  • identity

    2nd Public Consultation for NIST SP800-63-4 Digital Identity Guidelines started

    NIST published the new draft of NIST SP800-63-4 Digital Identity Guidelines on August 21. The public consultation runs until October 7. The main points are as follows:…

    Nat August 22, 2024 No Comments
    View More

identity OAuth OpenID Connect

Authorization Delegation: A financial accounts aggregation use case

Nat January 29, 2016 1 Comment

I have many bank accounts. If I wanted to use a new and shiny graphing service, I have to get authorization from each banks individually.…

View More Authorization Delegation: A financial accounts aggregation use case
OAuth OpenID Connect security

Cut and pasted code attack in OAuth 2.0 [RFC6749]

Nat January 25, 2016 6 Comments

The so called ‘cut and pasted code attack’ also known as ‘Frankenstein Monster Attack’ is an attack that the adversary swaps the ‘code’ in the…

View More Cut and pasted code attack in OAuth 2.0 [RFC6749]
identity OAuth OpenID Connect security

Code phishing attack on OAuth 2.0 [RFC6749]

Nat January 22, 2016 9 Comments code phishingmix-upOAuth IdP Mix-up attack

Code phishing attack is the attack that the adversary obtains the code and client credentials from the legitimate client and uses them against the honest token…

View More Code phishing attack on OAuth 2.0 [RFC6749]
OAuth OpenID Connect security

IdP Mix-up Attack on OAuth [RFC6749]

Nat January 15, 2016 1 Comment OAuth IdP Mix-up attack

On Sunday 10, 2016, OAuth Security Advisory: Authorization Server Mix-Up was issued. Nov Matake wrote an excellent article about it in Japanese. To help understand the…

View More IdP Mix-up Attack on OAuth [RFC6749]
identity privacy

Happy New Year!

Nat January 1, 2016 No Comments

2015 was a hectic year: Bunch of the specs that I have been working on (JWS [RFC7515], JWT [RFC7519], OAuth PKCE [RFC7636], JWK Thumbprint [RFC7638])got published and the work to convert…

View More Happy New Year!
identity OAuth OpenID Connect

On the XARA vulnerability on MacOS X and iOS

Nat June 19, 2015 3 Comments securityXARA

Just came across this article: Apple CORED: Boffins reveal password-killer 0-days for iOS and OS X, by The Register. Since the news itself did not explain…

View More On the XARA vulnerability on MacOS X and iOS
OAuth OpenID Connect

Apple’s answer to the in-secure use of in-app browser? — iOS 9 introduces SFSafariViewController

Nat June 9, 2015 No Comments

Apple forcing developpers to use in-app browser instead of spawning Safari has been known as an extremely insecure practice for sometime. There many reasons that…

View More Apple’s answer to the in-secure use of in-app browser? — iOS 9 introduces SFSafariViewController
identity OAuth

JWS, JWT, and others now RFC!

Nat May 20, 2015 No Comments ietfJWSJWTOAuthRFC

It has taken soooo long [1], but JSON Web Signature (JWS), JSON Web Token (JWT) , together with other JW* suite finally are Standard Track…

View More JWS, JWT, and others now RFC!
OAuth

Review Comments for draft-ietf-oauth-proof-of-possession-02

Nat March 26, 2015 No Comments IETF 92

Proof-Of-Possession Semantics for JSON Web Tokens (JWTs) draft 02  has been under WGLC till yesterday (March 24, 2015). During the OAuth WG meeting at IETF 92…

View More Review Comments for draft-ietf-oauth-proof-of-possession-02
Music

Seasons Greetings 2014

Nat December 24, 2014 No Comments Christmasfluteseasons greetingvideo

Seasons greetings video as a replacement to a greeting card. The Christmas Song was written by Mel Torme & Robert Wells on a hot summer day…

View More Seasons Greetings 2014

Posts pagination

Previous page Page 1 … Page 8 Page 9 Page 10 … Page 26 Next page

Categories

Archives

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

OpenID Connect in a nutshell

Nat January 20, 2012 39 Comments

Write an OpenID Connect server in three simple steps

Nat July 28, 2013 31 Comments
Fig.3 OpenID Connect Authentication

Dummy’s guide for the Difference between OAuth Authentication and OpenID

Nat May 15, 2011 26 Comments

Making a Javascript OpenID Connect Client in 4 steps

Nat December 10, 2014 26 Comments
GAIN Intro Slide title page

Announcing GAIN: Global Assured Identity Network

Nat September 14, 2021 10 Comments
[…] (日本語機械翻訳。英語原文はこちら) […]
The Evolution of Digital Identity: OpenID’s Journey (SIDI Hub Tokyo Opening Speech) – @_Nat Zone
November 12, 2024 @ 4:30 AM
[…] conference’s content director, I...
[June 4] Join us for a Keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:41 PM
[…] this session was planned...
[June 4] Join us for a Keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:35 PM
[…] this session was planned...
[June 4]I will deliver a keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:31 PM
[…] is the adoptation of...
The Miserable Society and the Identity System: The Dangers of Data Linking as Seen in Victor Hugo’s Les Misérables (2024 EU Version) – .Nat Zone
June 2, 2024 @ 7:04 PM
#Certification #cis2012 #EIC18 #eKYC #idnetity #odf #OECDDigitalMX #PowerToThePeople +1 4th Industrial Revolution ab adoption aggregated claims AI Amazing Grace AML API APIdays Apple authentication Authorizaiton Server automotive Ave Verum Corpus Berlin BitCoin Blockchain Book BrowserID CAN Bus cat10 cembalo Certification ChatGPT Christmas cimbalom Citi claims code phishing connect cookie CPE Bach cut-n-paste cx data breach data leakage DataRights delegation DID Digital Deflation Digital Identity discovery distributed claims Distributed Ledger e-Residency Card eic17 eic2013 EIC2022 eIDAS encryption error Estonia Ethics EU EU AMLR EUDIW facebook FAPI FDX federated identity fedlab Fianncial API Fintech flute GAIN GDPR Google Google Bard gov2.0 Governance government systems HoK Holiday music ID2020 idcon iddy identifier identity Identity Assurance Identity Ecosystem Identity in Conflict Identiverse IdP ietf IETF 92 iiw Implementer's Draft IoT ITAC japan json JWS JWT Kantara Les Miserables Linux Foundation LoA Managed Apple ID marimba mix-up mix-up attack mobile MODRNA Mozart MyData National Identity NIST NSTIC nttdocomo oath2 OAuth OAuth 2.0 Authentication OAuth Authentication OAuth IdP Mix-up attack OECD OIDC oidf oidf-j Open Banking Open Finance open source openid OpenID 2.0 OpenID Connect OpenID Foundation Workshp openid/abc OpenSSL OpenWallet passkeys password persona phishing PID privacy Privmas Protected resource PSD2 punycode refugee regulations relationship response_type RFC RFC3986 RFC6749 RFC6750 rp saml SBT SCIM scope scopes seasons greeting security Sef-issued identity Self Issued Identity Self Issued IdP Self-issued OP Self-sovereign Identity Shared Signals Siciliano signature SIIdP SIOP slack SP800-63 Specs spinet SSF SSI test Tokens tracking trust trust framework TUAC twitter UK Open Banking Ukraine uma UTF-8 VC Verifiable Credentials video vote W3C wallet wallets Web3 Web5 XARA xrds Youtube
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn
.Nat Zone | Designed by: Theme Freesia | WordPress | © Copyright All right reserved
 

Loading Comments...
 

You must be logged in to post a comment.

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok