...
- See http://kantarainitiative.org/confluence/download/attachments/37750854/ORANGE+PClement+-+EEMA+2010+v0+1.ppt
- The above link has also been added to our Related Work
Discussion:
- Philippe presented these slides at EEMA and EIC earlier this year
- Started off on slide 11 with a historical circle of trust with one user, one IdP, and one RP.
- Slide 12: in real life the user has multiple IdPs and multiple RPs.
- Slide 13: introduces the Orange "ISA" (IdP selection agent) – a new "forth" actor. Users can simplicity and security. RPs want to increase their audience (and now they can do so with very simple integration).
- Slide 14: Shows the ISA UI and benefits
- Slide 15: The idea emerged from early Liberty work and recent market requirements work
- Slide 16: More details of UI
- Slide 17: iPhone UX (steady state: one click to make the ISA appear, one click to choose IdP and you come back authenticated)
- John: is your existing implementation doing protocol translation?
- Benoit: yes. So this is like RPX it does translation from IdP and JanRain and then from the RP to JanRain.
- Benoit: The benefit is that the RP only a single protocol.
- Paul: Isn't the chain of trust broken?
- Bob: The ISA is acting as both a selection agent and as a IdP proxy (SAML terminology). We had discussed having two agents: proxy and selection.
- Slide 20: User guide. Quick start guide to integrate and test the Orange ID Selector in less than half a day.
- Slide 21: Sample Javascript to trigger the ISA
- Slide 22:
- http://www.quizagain.com – good site to try out
- http://idselector.orange.com – to see how it works
- Philippe: this idea of the forth party has emerged from a wide collaborative discussion