サービス利用時に、そのサービスが必要とする属性を追加入力してもらう例
IIW9 のメモ集
# Integrating the UX extension (in which the user interacts with the OP in a pop-up window) into the core specification: 12
# Evolving the discovery specification for OpenID, including adding OpenIDs using e-mail address syntax: 10
# Integrating attributes (claims) into the core specification: 9
# Integrating the OAuth Hybrid specification into the core specification: 8
# Supporting an optional active client (identity selector) and non-browser applications: 8
# Improve security, including investigating enabling use at levels of assurance above NIST level 1: 8
# Better support for mobile devices: 8
# Addressing the problem of long URLs (where browsers limit URL length to 2048 or sometimes 256 characters): 6
Mike Jones: self-issued » OpenID v.Next Goals
6ヶ月以内に: UX、ディスカバリ、属性、OAuth Hybrid、アクティブ・クライアント、セキュリティ、モバイル機器、長いURL
Burton Group Identity Blog: Hopes and concerns for identity
ID/パスワードという作法を変えるのは大変じゃね? という話
OpenID authentication request parameters to an active client
FriendFeedのパスワード変更画面には「Also revoke access from all third-party applications」というチェックボックスがある。 - NaHi
Twitter should revoke all OAuth tokens when a user’s password is changed
presos at the OpenID Summit
* Microsoft (Mike Jones): An Experimental Active Client for OpenID: http://self-issued.info/presentations/An_Experimental_Active_Client_for_OpenID.pdf
* Google Security: http://bit.ly/openidsec
* Paypal (Ashish Jain) https://docs.google.com/present/edit?id=0AeQQV1fHPTRIZGNoemtjcTdfMGZjZGhrM2Zq&hl=en
* Plaxo (Joseph Smarr) http://josephsmarr.com/2009/11/03/what-an-rp-wants-part-2-openid-summit-2009/
Page 1 of 3
