Skip to content
Friday, April 25, 2025
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn

.Nat Zone

Digital Identity and Privacy
.Nat Zone
Digital Identity and Privacy
  • About Nat Sakimura
.Nat Zone
Digital Identity and Privacy
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn
  • Events identity OpenID Foundation

    OpenID Foundation Workshop Recap

    On April 7, 2025, OpenID Foundation Workshop was given at Google campus in California. Recordings and slides will be coming out in the near future,…

    Nat April 8, 2025 No Comments
    View More
  • identity privacy security

    Authorized Push Payment (APP) Scams and EU’s Defence: PSD3 & Digital Identity Wallets

    (For an abridged YouTube Video, go to https://www.youtube.com/watch?v=1rplN-4-O_E) Introduction Authorized Push Payment (APP) scams are a form of fraud in which victims are deceived into…

    Nat April 6, 2025 No Comments
    View More
  • Events identity

    The Evolution of Digital Identity: OpenID’s Journey (SIDI Hub Tokyo Opening Speech)

    Ladies and gentlemen, Let me take you on a journey taken by OpenID Community through the evolution of digital identity – a story that continues…

    Nat October 25, 2024 No Comments
    View More
  • Events identity

    NIST SP800-63-4 2pd Workshop Notes

    NIST SP800-64-4 2nd Public Draft (2pd) was made available a week ago. This was the first of a series of workshops planned and goes over…

    Nat August 29, 2024 No Comments
    View More
  • identity

    Deepfake Damages Worth $40 billion? — The Impact of Generative AI on Identity and Countermeasures

    Improving the Accuracy of Deepfakes Deepfake technology has rapidly developed due to advancements in AI. Early deepfakes were low-quality and easily identifiable as fake. However,…

    Nat August 25, 2024 No Comments
    View More

Financial API identity OAuth OpenID Connect OpenID Foundation security

Open Data in Finance Conference: Chair’s Welcome

Nat June 15, 2016 No Comments

Here is the script of the Chair’s remark at the opening of the Open Data in Fianance Conference in London (June 15, 2016) 09:00 –…

View More Open Data in Finance Conference: Chair’s Welcome
security

GSA 18F’s unauthorized Slack use caused breach of 100 GSA Google Drives?

Nat May 14, 2016 No Comments data breachoath2slack

@JamieXML pinged me about the @18F breach that I completely missed. I quickly googled it and found this article. IG report:18F’s unauthorized Slack use caused…

View More GSA 18F’s unauthorized Slack use caused breach of 100 GSA Google Drives?
identity OAuth OpenID Connect

Authorization Delegation: A financial accounts aggregation use case

Nat January 29, 2016 1 Comment

I have many bank accounts. If I wanted to use a new and shiny graphing service, I have to get authorization from each banks individually.…

View More Authorization Delegation: A financial accounts aggregation use case
OAuth OpenID Connect security

Cut and pasted code attack in OAuth 2.0 [RFC6749]

Nat January 25, 2016 6 Comments

The so called ‘cut and pasted code attack’ also known as ‘Frankenstein Monster Attack’ is an attack that the adversary swaps the ‘code’ in the…

View More Cut and pasted code attack in OAuth 2.0 [RFC6749]
identity OAuth OpenID Connect security

Code phishing attack on OAuth 2.0 [RFC6749]

Nat January 22, 2016 9 Comments code phishingmix-upOAuth IdP Mix-up attack

Code phishing attack is the attack that the adversary obtains the code and client credentials from the legitimate client and uses them against the honest token…

View More Code phishing attack on OAuth 2.0 [RFC6749]
OAuth OpenID Connect security

IdP Mix-up Attack on OAuth [RFC6749]

Nat January 15, 2016 1 Comment OAuth IdP Mix-up attack

On Sunday 10, 2016, OAuth Security Advisory: Authorization Server Mix-Up was issued. Nov Matake wrote an excellent article about it in Japanese. To help understand the…

View More IdP Mix-up Attack on OAuth [RFC6749]
identity privacy

Happy New Year!

Nat January 1, 2016 No Comments

2015 was a hectic year: Bunch of the specs that I have been working on (JWS [RFC7515], JWT [RFC7519], OAuth PKCE [RFC7636], JWK Thumbprint [RFC7638])got published and the work to convert…

View More Happy New Year!
identity OAuth OpenID Connect

On the XARA vulnerability on MacOS X and iOS

Nat June 19, 2015 3 Comments securityXARA

Just came across this article: Apple CORED: Boffins reveal password-killer 0-days for iOS and OS X, by The Register. Since the news itself did not explain…

View More On the XARA vulnerability on MacOS X and iOS
OAuth OpenID Connect

Apple’s answer to the in-secure use of in-app browser? — iOS 9 introduces SFSafariViewController

Nat June 9, 2015 No Comments

Apple forcing developpers to use in-app browser instead of spawning Safari has been known as an extremely insecure practice for sometime. There many reasons that…

View More Apple’s answer to the in-secure use of in-app browser? — iOS 9 introduces SFSafariViewController
identity OAuth

JWS, JWT, and others now RFC!

Nat May 20, 2015 No Comments ietfJWSJWTOAuthRFC

It has taken soooo long [1], but JSON Web Signature (JWS), JSON Web Token (JWT) , together with other JW* suite finally are Standard Track…

View More JWS, JWT, and others now RFC!

Posts pagination

Previous page Page 1 … Page 8 Page 9 Page 10 … Page 27 Next page

Categories

Archives

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

OpenID Connect in a nutshell

Nat January 20, 2012 39 Comments

Write an OpenID Connect server in three simple steps

Nat July 28, 2013 31 Comments
Fig.3 OpenID Connect Authentication

Dummy’s guide for the Difference between OAuth Authentication and OpenID

Nat May 15, 2011 26 Comments

Making a Javascript OpenID Connect Client in 4 steps

Nat December 10, 2014 26 Comments
GAIN Intro Slide title page

Announcing GAIN: Global Assured Identity Network

Nat September 14, 2021 10 Comments
[…] (日本語機械翻訳。英語原文はこちら) […]
The Evolution of Digital Identity: OpenID’s Journey (SIDI Hub Tokyo Opening Speech) – @_Nat Zone
November 12, 2024 @ 4:30 AM
[…] conference’s content director, I...
[June 4] Join us for a Keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:41 PM
[…] this session was planned...
[June 4] Join us for a Keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:35 PM
[…] this session was planned...
[June 4]I will deliver a keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone
June 2, 2024 @ 9:31 PM
[…] is the adoptation of...
The Miserable Society and the Identity System: The Dangers of Data Linking as Seen in Victor Hugo’s Les Misérables (2024 EU Version) – .Nat Zone
June 2, 2024 @ 7:04 PM
#Certification #cis2012 #EIC18 #eKYC #idnetity #odf #OECDDigitalMX #PowerToThePeople +1 4th Industrial Revolution ab adoption aggregated claims AI Amazing Grace AML API APIdays APP Scams Apple authentication Authorizaiton Server automotive Ave Verum Corpus Berlin BitCoin Blockchain Book BrowserID CAN Bus cat10 cembalo Certification ChatGPT Christmas cimbalom Citi claims code phishing connect cookie CPE Bach cut-n-paste cx data breach data leakage DataRights delegation DID Digital Deflation Digital Identity discovery distributed claims Distributed Ledger e-Residency Card eDIAS eic17 eic2013 EIC2022 eIDAS encryption error Estonia Ethics EU EU AMLR EU DI Wallet EUDIW facebook FAPI FDX federated identity fedlab Fianncial API Fintech flute GAIN GDPR Google Google Bard gov2.0 Governance government systems HoK Holiday music ID2020 idcon iddy identifier identity Identity Assurance Identity Ecosystem Identity in Conflict Identiverse IdP ietf IETF 92 iiw Implementer's Draft IoT ITAC japan json JWS JWT Kantara Les Miserables Linux Foundation LoA Managed Apple ID marimba MCP mix-up mix-up attack mobile MODRNA Mozart MyData National Identity NIST NSTIC nttdocomo oath2 OAuth OAuth 2.0 Authentication OAuth Authentication OAuth IdP Mix-up attack OECD OIDC oidf oidf-j Open Banking Open Finance open source openid OpenID 2.0 OpenID Connect OpenID Foundation Workshp openid/abc OpenSSL OpenWallet passkeys password persona phishing PID privacy Privmas Protected resource PSD2 PSD3 punycode refugee regulations relationship response_type RFC RFC3986 RFC6749 RFC6750 rp saml SBT SCIM scope scopes seasons greeting security Sef-issued identity Self Issued Identity Self Issued IdP Self-issued OP Self-sovereign Identity Shared Signals Siciliano signature SIIdP SIOP slack SP800-63 Specs spinet SSF SSI test Tokens tracking trust trust framework TUAC twitter UK Open Banking Ukraine uma UTF-8 VC Verifiable Credentials video vote W3C wallet wallets Web3 Web5 XARA xrds Youtube
  • Follow me on Twitter
  • Subscribe to Youtube
  • LinkedIn
.Nat Zone | Designed by: Theme Freesia | WordPress | © Copyright All right reserved
 

Loading Comments...
 

You must be logged in to post a comment.

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok