Session for Newbies

Convener: Judi Clark

Notes-taker: Skip Baneyi

Attendees:

• Judi Clark,
• Skip Baneyi,
• Abby Jenkins,
• Eric Draghi,
• Joseph Holsten

Technology Discussed/Considered:

Open ID

Discussion notes:

From David Recordan re: OpenID

• Reuse existing credentials elsewhere
• Embed microformats in OpenID page
• Flexibility w choosing ID Provider (Yahoo, Google, self-managed)
• Future of OID 2.0 point directory at IDP; no need to know your old URL
• Phishing is a problem on the web regardless; passwords can be used, info cards can be used

• Multiple DIDs are not a failure, they can be a benefit

Open ID: delegated authentication (user /login)

Oauth: deligated web service auth

Problems being solved: multiple accounts

Chi.mp: account/activity aggregator (can you have diff profiles/persona/faces?)

PIP.verisignlabs: secure opened (hardware tokens), browser plugins (login/logout), Gives RP a sense of trust that verisign has verified who you are (brand)

MyVidoop: has a SMS based option (opt in) for authorizing first time w browser

• Image based (image grid)
• 2 factor auth (req’d to set account up or for new browsers)
• book mark and browser plugins for non OID sites