Session for Newbies

From IIW

Convener: Judi Clark

Notes-taker: Skip Baneyi


  • Judi Clark,
  • Skip Baneyi,
  • Abby Jenkins,
  • Eric Draghi,
  • Joseph Holsten

Technology Discussed/Considered:

Open ID

Discussion notes:

From David Recordan re: OpenID

  • Reuse existing credentials elsewhere
  • Embed microformats in OpenID page
  • Flexibility w choosing ID Provider (Yahoo, Google, self-managed)
  • Future of OID 2.0 point directory at IDP; no need to know your old URL
  • Phishing is a problem on the web regardless; passwords can be used, info cards can be used
  • Multiple DIDs are not a failure, they can be a benefit

Open ID: delegated authentication (user /login)

Oauth: deligated web service auth

Problems being solved: multiple accounts account/activity aggregator (can you have diff profiles/persona/faces?)

PIP.verisignlabs: secure opened (hardware tokens), browser plugins (login/logout), Gives RP a sense of trust that verisign has verified who you are (brand)

MyVidoop: has a SMS based option (opt in) for authorizing first time w browser

  • Image based (image grid)
  • 2 factor auth (req’d to set account up or for new browsers)
  • book mark and browser plugins for non OID sites