Professional Documents
Culture Documents
User-Centric Identity
Data Sharing
Social Collaboration
Perpetual Beta
Incremental Evolution
Web as a Platform, and
Users in Control
Mashup
A barrier to entry
Registration == drop off
ID fatigue among users
Expensive to maintain
authentication infrastructure
Online Identity
Lives moving online
Virtual world identity != physical world
identity
Fragmentation of identity across services
Limits value of services (network growth
slowed)
Not necessary to bind identity and services
together
User-Centric Identity
Community driven
OpenID
CardSpace
Liberty (SAML)
Proprietary
Yahoo! BBAuth
Google Account API
AOL OpenAuth
Challenges w/ Adoption
Platform/OS dependencies
Programming Language Support
Too many APIs/Protocols
Complex message formats
Challenges w/ User Experience
User Experience
Consistency is the “Key”
User Permissions
Ask User !
Implied consents are bad
Report and Consume Reputation
Identity and associated data under user’s control
Support multiple public/private identities
Support switching Identity Providers
Adopt protocols that support all (most) of the
above
AOL Open Authentication API
• Simple API to Authenticate AOL/AIM/ICQ Users
• Light-weight “provisioning” and easy integration/use
• Well known/understood Technologies
• HTTP/TLS/XML/JSON/…
• Permission (Consent) Management
• Secure Token exchange for ‘deputization’ of services
• Designed for AOL Open Services Consumption
• Supports Redirect, AJAX, and Direct Models
• Also …
• OpenID Provider (OP)
• OpenID Authentication Token Exchange Extension
• OpenID Consumer/Relying Party - accepts 3rd party OpenIDs
• STS for CardSpace (in the future)
http://dev.aol.com/openauth
Sign In Page
Permission Request Page
User Permission Management Page
https://my.screenname.aol.com
Ficlets
Q&A
http://dev.aol.com
Contact Info