Torsten Lodderstedt’s excellent blog titled “Transaction Authorization or why we need to re-think OAuth scopes” has been floating around for a few weeks. I always…View More Comments back to “Transaction Authorization or why we need to re-think OAuth scopes” by Torsten
Todo list for Self-Issued OP to achieve #self-sovereign-identity
Self-issued OP (SIOP) is defined in Chapter 7 of OpenID Connect (2014). If we take that the Identity (set of data related to the entity)…View More Todo list for Self-Issued OP to achieve #self-sovereign-identity
On the 14th and 15th of July, we had the OAuth Security Workshop 2016 at the University of Trier. Further, we had a IETF 96 side meeting…View More Fixing OAuth?
JWS, JWT, and others now RFC!
It has taken soooo long , but JSON Web Signature (JWS), JSON Web Token (JWT) , together with other JW* suite finally are Standard Track…View More JWS, JWT, and others now RFC!
Registered Token Profile for OAuth 2.0
So, ID Token in OpenID connect is audience restricted to the client while the OAuth bearer access token is audience restricted to the protected resource.…View More Registered Token Profile for OAuth 2.0
The relationship between endpoint responses and response_type, scope pair
So it seems there is a little bit of confusion around what needs to be returned from which endpoint among the readers of OpenID Connect…View More The relationship between endpoint responses and response_type, scope pair
OpenID Connect in a nutshell
When you read the OpenID Connect Specifications, you might feel a little bit intimidated. That’s because they are written in “spec language” and they deal with corner cases,…View More OpenID Connect in a nutshell
Call for nominations for the Kantara Initiative 2011 IDDY (IDentity Deployment of the Year) Awards
The call for nominations for the 2011 IDDY (IDentity Deployment of the Year) Awards is now open! Kantara Initiative is excited to continue this awards program for…View More Call for nominations for the Kantara Initiative 2011 IDDY (IDentity Deployment of the Year) Awards
Identify Conference #7
Today, we had the 7th Identity Conference (aka IdCon #7) at Yahoo! Japan. It started at 7pm Japan Time. Detail of the conference is here.…View More Identify Conference #7
OpenID TechNight #6
“OpenID TechNight vol.6”, a technical seminar hosted by OpenID Foundation Japan (OIDF-J) took place on May 28, 2010 at NRI. Here is the summary: Introduction…View More OpenID TechNight #6