Refactoring OpenID Connect Drafts

After the Berlin OpenID AB/C WG F2F meeting, I have been trying to refactor the Connect suites into more palatable form. I am supposed to cr ...

What to read when you want to build OpenID Connect

OpenID Connect has many components. Sometimes, it seems confusing what to read for a new reader, or worse, intimidating. Here is a flow c ...

Write an OpenID Connect server in three simple steps

An OpenID Connect server is just an OAuth 2.0 server on steroids. What it does it to return the ID Token, which contains information about t ...

Identity, Authentication + OAuth = OpenID Connect

More on Personal Data working group report

So, during the Kantara Initiative's Information Sharing working group call, which happend between 1:30am and 2:30am here in Munich, Joe Andr ...

Info Sharing Label became the top story of Nikkei newspapers in Japan!

Ministry of Economy, Trade and Industry (METI) of Japan announced the publishing of the report on the personal data usage by corporations. ...

Explicit Consent – Turning Internet Dog into Pavlov’s Dog

People like me who is working on internet identity space is trying to solve so called "Internet Dog Problem." You surely must have seen t ...

Alice to Bob resource sharing

So I was in UMA call today and that reminded me of this use case. How does Alice share her protected resources (like medical test result) ...

Call for Papers – Open Identity Summit 2013 – Deadline: May 15th, 2013

Dear Ladies and Gentlemen, please be invited to submit a paper or abstract to the "Open Identity Summit". Furthermore we would be deligh ...

Re: Limitations of the OAuth 2.0 definition of “Client”

Thomas Hardjono has a very good blog entry <<Limitations of the OAuth 2.0 definition of "Client">>. The essence of the entry ...