Int'l Presence of OpenID
From IIW
Issue/Topic: International Presence of OpenID (Strategy Session)
Session: Wednesday 2H
Conference: IIW-11 November 2-4, Mountain View, Complete Notes Page
Convener: Henrik, Sha-Mayn The, Nat Sakimura
Notes-taker(s):
Tags:
Discussion notes:
Goal is to discuss the state of OpenID in Europe and Asia and brainstorm strategy of pushing OpenId in the region.
Note from OpenID foundation director: join the foundation and vote so that OpenID can do something for your region.
Background of the EU situation:
- Nov 1 German eID
- July 1 Denmark OCES II
- (2008) Belgian
- 2011 Poland
- 2010/9 wp.pl becomes OpenID provider (largest portal in poland)
Denmark
- Banking - 2 factor login: user/password/number on the card (150 numbers at a time)
- tax office is an IDP
- private identity vs government identity
Germany
- state-sponsored identity poofing
- privatized postal service also does manual identity verification
- Microsoft working closely with German govt as a testbed
In Europe, notion of level of assurance is not well known.
- Holland has trust framework with 3-4 IDPs and brokers
- Certified providers not necessarily state-owned
- Belgium is an exception where government provides credentials
For China
- state already knows who you are?
- mainly social networks enabling federated login e.g. tencent (qq), renren. also e-commerce: taobao (IDP), 360buy.com (RP)
- telcos interested but haven't found the business value
- a general strategy is to implement OpenID in open source products (most Chinese sites use open source)
- but need more big IDPs to get big sites interested in becoming RPs. Action item: get AOL, Yahoo, Google etc to write a white paper of why/how it's good to be an IDP
Japan
- trust framework - Japanese govt just recently published public docs about the need for a trust framework
- IDPs: docomo/kddi
- identity proofing by private companies e.g. Yahoo Auctions does door-to-door identity verification.