.Nat Zone

Digital Identity et al.

「 openid 」 一覧

The relationship between endpoint responses and response_type, scope pair

So it seems there is a little bit of confusion around what needs to be returned from which endpoint among the readers of OpenID Connect specification. It actually is pretty clear if you understand what OAuth 2.0 response_type parameter is, …

no image

OpenID Connect in a nutshell

When you read the OpenID Connect Specifications, you might feel a little bit intimidated. That’s because they are written in “spec language” and they deal with corner cases, etc.  Yet when you translate them into normal English and just concentrate on a “simple case”, it …

no image

BrowserID protects the privacy of your Web activity? Really?

  2011/07/21    identity , , ,

So, BrowserID is buzzing. In general, browser helping user to secure their login is a good thing. But, I have bunch of problem with the current state of BrowserID. I feel like it has gone back to the era of …

no image

OpenID ABConnect

  2010/11/11    identity , ,

In an effort to unify Artifact Binding (AB) and Connect (C), Breno (Google), John (Protiviti), and I did a bit of work at iiw and converged to the following split of the specs. So, the structure of the spec will …

no image

JSON Signature and Encryption Spec.

  2010/11/10    identity , , ,

At IIW 2010B, we had a major advancement in the JSON Signature and Encryption Spec. Microsoft, Google, Facebook and me and John Bradley basically converged to a spec. The details has been posted to OpenID Artifact Binding WG list (archive …

no image

“hootsuite” now an OpenID RP

  2010/11/04    identity , , ,

On October 28, 2010, hootsuite launched a new capability: hootsuite is now an OpenID RP. (See this announcement: Just Hatched ~ Connect to HootSuite with OpenID Providers ) Well, it is a week old “news” but I just noticed it …

no image

Call for nominations for the Kantara Initiative 2011 IDDY (IDentity Deployment of the Year) Awards

  2010/10/27    identity , , ,

The call for nominations for the 2011 IDDY (IDentity Deployment of the Year) Awards is now open! Kantara Initiative is excited to continue this awards program for the fifth year. We encourage you to refer partners and organizations that could be good candidates …

no image

Re: OpenID provider imploding, chaos coming?

  2010/09/04    identity

Yet another OpenID provider is going under. On Sept. 30 when Six Apart officially shuts down VOX, a blogging site and an OpenID provider. I have been dealing with this issue for many years, and have been blogging, speaking etc. …

no image

Is expressing Levels enough for LoA2+?

  2010/09/03    identity , ,

LoA stands for Level of Assurance. Most popular reference to this idea may be OMB M04-04 and NIST SP800-63. Essentially, it classifies the identities into four categories from Level 1 to Level 4, where Level 4 stands for higher assurance. …

Japanese government went live with OpenID/AB

  2010/07/30    identity ,

Japanese government went live with OpenID Artifact Binding (AB) draft07. It uses usual OpenID 2.0 to connect to major OpenID providers and uses AB to connect among government agencies. https://openlabs.go.jp/