SlideShare a Scribd company logo

Introduction to OpenID TX proposed extension

Download as PPT, PDF
Nat Sakimura
Nat Sakimura

The document provides an overview of the Trust Exchange (TX) extension for OpenID, which allows for contract-driven data exchange to enable more secure transactions. The TX extension defines protocols for contract negotiation using either synchronous POST binding or asynchronous artifact binding. It also defines an optional data transfer method and formats for contract proposals and signed contracts containing terms like participant IDs, amounts, signatures, and expiration dates. The goal is to augment OpenID with stronger authentication and secure attribute exchange for sensitive transactions.

Technology
1 of 13
An Introduction to OpenID TX ver. 1.4 Nat Sakimura (=nat)‏ Nov. 11, 2008
Preface ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Contents ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why TX? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Contract Driven Data Exchange = Trust Exchange (TX)‏
Highlight ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Positive Assertion +[TX] Contract Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing POST Binding Redirect to L2+Payment OP with [TX]POST Contract Proposal Proposal Signing
OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Positive Assertion + tx.c.tatus=Pending Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing POST Binding Redirect to L2+Payment OP with [TX]POST Contract Proposal Proposal Signing
Notification OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ [TX] send Contract based Request [TX] Receive Data Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing [TX] Notification (status)‏ Status: Contract Complete, Data Changed, Contract terminated, ID removed [TX] Notification OP to RP notification RP to OP notification
Data Transfer (Optional)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ [TX] GET with Contract ID + Signature [TX] Receive Data Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing N.B. Although TX defines a default Data Transfer protocol, it can be substituted by any other methods as long as it is specified in the Contract.
OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Redirect to L2+Payment OP with Transaction ID Positive Assertion +Contract ID Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing [TX]POST Contract Proposal [TX] Transaction ID [TX] send Contract ID [TX] Receive Contract Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing Artifact Binding Proposal Signing
OpenID Login + Payment (asynchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Redirect to L2+Payment OP with Transaction ID Positive Assertion + tx.c.tatus=Pending Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing [TX]POST Contract Proposal [TX] Transaction ID [TX] send Contract ID [TX] Receive Contract Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing [TX] Completion Notification Artifact Binding Proposal Signing
Appendix: example proposal ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],NOTE: This is a bit out-of-date See http://sourceforge.jp/projects/openidtx/
Appendix: example contract ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],NOTE: This is a bit out-of-date See http://sourceforge.jp/projects/openidtx/

Recommended

R3Corda_Concepts+Components_AICTE_STTP_2020
R3Corda_Concepts+Components_AICTE_STTP_2020R3Corda_Concepts+Components_AICTE_STTP_2020
R3Corda_Concepts+Components_AICTE_STTP_2020Amritha Antony
 
53398506 10-case-study-digital-signature
53398506 10-case-study-digital-signature53398506 10-case-study-digital-signature
53398506 10-case-study-digital-signatureBookStoreLib
 
Dsa & Digi Cert
Dsa & Digi CertDsa & Digi Cert
Dsa & Digi CertRam Dutt Shukla
 
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLOPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLIJNSA Journal
 
Electronic Signature
Electronic SignatureElectronic Signature
Electronic SignatureJoon Young Park
 
Digital signature
Digital signatureDigital signature
Digital signatureCoders Hub
 
Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2YooGenelyn
 
Blind Signature Scheme
Blind Signature SchemeBlind Signature Scheme
Blind Signature SchemeKelum Senanayake
 

Recommended

R3Corda_Concepts+Components_AICTE_STTP_2020
R3Corda_Concepts+Components_AICTE_STTP_2020R3Corda_Concepts+Components_AICTE_STTP_2020
R3Corda_Concepts+Components_AICTE_STTP_2020Amritha Antony
 
53398506 10-case-study-digital-signature
53398506 10-case-study-digital-signature53398506 10-case-study-digital-signature
53398506 10-case-study-digital-signatureBookStoreLib
 
Dsa & Digi Cert
Dsa & Digi CertDsa & Digi Cert
Dsa & Digi CertRam Dutt Shukla
 
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLOPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLIJNSA Journal
 
Electronic Signature
Electronic SignatureElectronic Signature
Electronic SignatureJoon Young Park
 
Digital signature
Digital signatureDigital signature
Digital signatureCoders Hub
 
Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2YooGenelyn
 
Blind Signature Scheme
Blind Signature SchemeBlind Signature Scheme
Blind Signature SchemeKelum Senanayake
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemesravik09783
 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificatehome
 
Dss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmDss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmAbhishek Kesharwani
 
Libra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandLibra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandSathapon Patanakuha
 
Information and data security digital signatures
Information and data security digital signaturesInformation and data security digital signatures
Information and data security digital signaturesMazin Alwaaly
 
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain PlatformKlaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platformif kakao
 
Digital signature
Digital signatureDigital signature
Digital signatureNisha Menon K
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Mumbai Academisc
 
Primer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementPrimer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementTim Swanson
 
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009EuroCloud
 
OAuth 2
OAuth 2OAuth 2
OAuth 2ChrisWood262
 
Introducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceIntroducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceAmin Saqi
 
1. ibm blockchain explained
1. ibm blockchain explained1. ibm blockchain explained
1. ibm blockchain explainedDiego Alberto Tamayo
 
Session 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariSession 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariArthur Janse
 
Blockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureBlockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureNuri Cankaya
 
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Hitachi, Ltd. OSS Solution Center.
 
Web Security
Web SecurityWeb Security
Web SecurityRam Dutt Shukla
 
Single-Page-Application & REST security
Single-Page-Application & REST securitySingle-Page-Application & REST security
Single-Page-Application & REST securityIgor Bossenko
 
Python, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePython, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePortia Burton
 
Ch17
Ch17Ch17
Ch17Joe Christensen
 
HTTPS
HTTPSHTTPS
HTTPSmaroti164
 
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcSoa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcfuzzyBSc
 

More Related Content

What's hot

Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemesravik09783
 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificatehome
 
Dss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmDss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmAbhishek Kesharwani
 
Libra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandLibra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandSathapon Patanakuha
 
Information and data security digital signatures
Information and data security digital signaturesInformation and data security digital signatures
Information and data security digital signaturesMazin Alwaaly
 
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain PlatformKlaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platformif kakao
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Mumbai Academisc
 

What's hot (8)

Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemes
 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificate
 
Dss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmDss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithm
 
Libra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandLibra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract Thailand
 
Information and data security digital signatures
Information and data security digital signaturesInformation and data security digital signatures
Information and data security digital signatures
 
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain PlatformKlaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)
 

Similar to Introduction to OpenID TX proposed extension

Primer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementPrimer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementTim Swanson
 
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009EuroCloud
 
Introducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceIntroducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceAmin Saqi
 
Session 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariSession 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariArthur Janse
 
Blockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureBlockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureNuri Cankaya
 
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Hitachi, Ltd. OSS Solution Center.
 
Single-Page-Application & REST security
Single-Page-Application & REST securitySingle-Page-Application & REST security
Single-Page-Application & REST securityIgor Bossenko
 
Python, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePython, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePortia Burton
 
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcSoa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcfuzzyBSc
 
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saulTBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saulDestry Saul
 
Algorand Smart Contracts
Algorand Smart ContractsAlgorand Smart Contracts
Algorand Smart Contractsssusercc3bf81
 
Whitepaper: What You Should Know About eSignature Law
Whitepaper: What You Should Know About eSignature LawWhitepaper: What You Should Know About eSignature Law
Whitepaper: What You Should Know About eSignature LawDocuSign
 
R3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and ComponentsR3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and ComponentsGokul Alex
 

Similar to Introduction to OpenID TX proposed extension (20)

Primer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementPrimer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset management
 
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
 
OAuth 2
OAuth 2OAuth 2
OAuth 2
 
Introducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceIntroducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and Performance
 
1. ibm blockchain explained
1. ibm blockchain explained1. ibm blockchain explained
1. ibm blockchain explained
 
Session 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariSession 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januari
 
Blockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureBlockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on Azure
 
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
 
Web Security
Web SecurityWeb Security
Web Security
 
Single-Page-Application & REST security
Single-Page-Application & REST securitySingle-Page-Application & REST security
Single-Page-Application & REST security
 
Python, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePython, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size Change
 
Ch17
Ch17Ch17
Ch17
 
HTTPS
HTTPSHTTPS
HTTPS
 
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcSoa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
 
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saulTBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
 
ch17.ppt
ch17.pptch17.ppt
ch17.ppt
 
Algorand Smart Contracts
Algorand Smart ContractsAlgorand Smart Contracts
Algorand Smart Contracts
 
Whitepaper: What You Should Know About eSignature Law
Whitepaper: What You Should Know About eSignature LawWhitepaper: What You Should Know About eSignature Law
Whitepaper: What You Should Know About eSignature Law
 
R3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and ComponentsR3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and Components
 
SSL
SSLSSL
SSL
 

More from Nat Sakimura

FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにNat Sakimura
 
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureOpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureNat Sakimura
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English TranslationNat Sakimura
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesNat Sakimura
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileNat Sakimura
 
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WGNat Sakimura
 
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革Nat Sakimura
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Nat Sakimura
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateNat Sakimura
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGNat Sakimura
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectNat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴールNat Sakimura
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91Nat Sakimura
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problemsNat Sakimura
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extensionNat Sakimura
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect Nat Sakimura
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nat Sakimura
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OPNat Sakimura
 

More from Nat Sakimura (20)

FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのために
 
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureOpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth Profile
 
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
 
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 Update
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WG
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID Connect
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problems
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extension
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OP
 

Recently uploaded

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 

Recently uploaded (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

Introduction to OpenID TX proposed extension

  • 1. An Introduction to OpenID TX ver. 1.4 Nat Sakimura (=nat)‏ Nov. 11, 2008
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Positive Assertion +[TX] Contract Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing POST Binding Redirect to L2+Payment OP with [TX]POST Contract Proposal Proposal Signing
  • 7. OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Positive Assertion + tx.c.tatus=Pending Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing POST Binding Redirect to L2+Payment OP with [TX]POST Contract Proposal Proposal Signing
  • 8. Notification OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ [TX] send Contract based Request [TX] Receive Data Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing [TX] Notification (status)‏ Status: Contract Complete, Data Changed, Contract terminated, ID removed [TX] Notification OP to RP notification RP to OP notification
  • 9. Data Transfer (Optional)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ [TX] GET with Contract ID + Signature [TX] Receive Data Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing N.B. Although TX defines a default Data Transfer protocol, it can be substituted by any other methods as long as it is specified in the Contract.
  • 10. OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Redirect to L2+Payment OP with Transaction ID Positive Assertion +Contract ID Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing [TX]POST Contract Proposal [TX] Transaction ID [TX] send Contract ID [TX] Receive Contract Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing Artifact Binding Proposal Signing
  • 11. OpenID Login + Payment (asynchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Redirect to L2+Payment OP with Transaction ID Positive Assertion + tx.c.tatus=Pending Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing [TX]POST Contract Proposal [TX] Transaction ID [TX] send Contract ID [TX] Receive Contract Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing [TX] Completion Notification Artifact Binding Proposal Signing
  • 12.
  • 13.