Difference between revisions of "De-Confusing: High Level Overview"

(Undo revision 3349 by Igiwydijok (Talk))
 
Latest revision as of 14:55, 3 February 2011

Session: Day – Number - Space Location Tuesday – Session 1 - E

Convener: Kaliya Hamlin

Notes-taker(s): Aaron Bronzan

A. Tags for the session - technology discussed/ideas considered:

Overview of Identity, Standards Organizations, Acronyms


B. Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

"De-confusing" Identity (5/18 session 1)


"On the Internet, nobody knows you're a dog" (IIW logo)
- Anonymity is important
- But people need the set of tools to be able to represent who they are (at varying levels of granularity/disclosure)

Communities in attendance


- Business
- Enterprise Customer
- Enterprise Identity Management Product
- WebPortals (e.g. Google, Yahoo, MSN, LinkedIn)
- Regular websites
- Government
- Europe, BC, DC
- Standards Development Community
- OASIS (InfoCards, SAML, XRI/XDI)
- IETF and Internet Society (SMTP)
- W3C (HTML)
- ITU-T (phone) and ISO
- "Floaters"
- XMPP - Jabber
- OpenID
- Sysadmins
- Web Developers
- Etc. Etc. Etc.

- Enterprise identity management: Where it all sort of started
- Provisioning/issuing credentials for use of internal enterprise systems
- e.g. username, password, auth token, etc.
- SAML (Security Assertion Markup Language): Directory of employees with specific privileges
- Authorization, or AuthZ (What you’re allowed to do)
- Authentication, or AuthN (The identifier – the username you use, etc.)
- Verification
- Enrollment into system (new users)
- Termination from system (ex-users)

- SAML Federation

   - Business to Business sharing (e.g. American Airlines + Boeing)
   - Trusting each other's credentials
   - Doesn't scale well

OpenID = outsourcing username and password (same "username" or i-name)
- Problem is phishing: Fake forms for OpenID providers
- Therefore, OpenID is designed for low-security transactions

NASCAR problem: Addresses challenge of usability with OpenID (logos instead of having to remember your OpenID URL)

Info Cards
- IDP issues card, or you make your own card
- User selects cards
- Open Source InfoCard Selector repository: Higgins Project
- Send various attributes only, customize the amount of information sent

OpenID + Information Cards = Open Identity Exchange

XRD is Discovery: A protocol for understanding and discovering services

We then went over a bunch of the organizations and how they relate to each other. See Kaliya’s flowchart slides for an overview.