decentralized-id.github.io/_posts/organizations/2023-08-12-openid.md
2023-09-11 16:40:30 -04:00

89 lines
14 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: "OpenID Foundation"
description: "Our mission is to lead the global community in creating identity standards that are secure, interoperable and privacy-preserving."
layout: single
excerpt: >
Founded in 2007, the OpenID Foundation (OIDF) is a global open standards body committed to helping people assert their identity wherever they choose. We are global vibrant community where identity peers and thought leaders convene to craft the identity ecosystems of tomorrow.
categories: ["Standards Development Orgs"]
tags: ["OpenID","Open Banking","SSE","GAIN","Standards Development Org"]
permalink: /organizations/openid/
canonical_url: 'https://decentralized-id.com/organizations/openid/'
last_modified_at: 2023-08-12
---
## Main
* [OpenID Foundation Publishes “Open Banking and Open Data: Ready to Cross Borders?”](https://openid.net/final-version-of-open-banking-and-open-data-ready-to-cross-borders-whitepaper-published/) 2023-02-06 OpenID
> More than 50 open data, digital identity and API security technologists globally contributed to this whitepaper to answer the following questions:
> 1. What are the differences and similarities between different open data ecosystems?
> 2. Is global interoperability between different ecosystems possible?
> 3. Who will be driving this movement and what are the use cases motivating them? How will users benefit?
> 4. How could cross-border use cases work and what “good might look like”? What are the architecture and governance requirements?
> 5. What can you do if you believe this is the right direction for Open Banking and Open Data?
* [OpenID Foundation Publishes “The Global Open Health Movement: Empowering People and Saving Lives by Unlocking Data” Whitepaper](https://www.openid.net/openid-foundation-publishes-the-global-open-health-movement-empowering-people-and-saving-lives-by-unlocking-data-whitepaper/) 2022-07-22 OpenID
> The whitepaper offers an overview of the global health sector privacy and security landscape and introduces similar work from outside the health domain with health experts. One key hypothesis we will test is that existing Open Banking and other Open Data standards, like FAPI, could help the health community deliver on their Open Health goals more quickly.
* [OpenID for Verifiable Credentials](http://openid.net/wordpress-content/uploads/2022/05/OIDF-Whitepaper_OpenID-for-Verifiable-Credentials_FINAL_2022-05-12.pdf) 2022-05-12 OpenID
> The goal of this whitepaper is to inform and educate the readers about the work on the OpenID for Verifiable Credentials (OpenID4VC) specifications family. It addresses use-cases referred to as Self-Sovereign Identity, Decentralized Identity, or User-Centric Identity.
* [OpenID Foundation Publishes Whitepaper on Open Banking](https://openid.net/2022/03/18/openid-foundation-publishes-whitepaper-on-open-banking/) 2022-03-18 OpenID
> The OpenID Foundation is pleased to share its new whitepaper, “[Open Banking, Open Data and Financial-Grade APIs](https://openid.net/wordpress-content/uploads/2022/03/OIDF-Whitepaper_Open-Banking-Open-Data-and-Financial-Grade-APIs_2022-03-16.pdf)”. The paper documents the international movement towards Open Banking, Open Finance, and secure, consent driven access to all user data. It describes the OpenID Foundation and in particular the Financial-Grade API (FAPI) Working Groups experience with Open Banking ecosystems internationally.
* [The 7 Laws of Identity Standards](https://openid.net/2021/04/10/the-7-laws-of-identity-standards/) 2021-04-10 OpenID
> 1. A identity standards adoption is driven by its value of the reliability, repeatability and security of its implementations.
> 2. A standards value can be measured by the number of instances of certified technical conformance extant in the market.
> 3. Certified technical conformance is necessary but insufficient for global adoption.
> 4. Adoption at scale requires widespread awareness, ongoing technical improvement and a open and authoritative reference source.
> 5. When Libraries/Directories/ Registries act as authoritative sources they amplify awareness, extend adoption and promote certification.
> 6. Certified technical conformance importantly complements legal compliance and together optimize interoperability.
> 7. Interoperability enhances security, contains costs and drives profitability.
## Organization
* [How OpenID Standards are Enabling Secure & Interoperable Digital Identity Ecosystems](http://openid.net/wordpress-content/uploads/2022/05/OIDF_Workshop-at-EIC_FINAL_2022-05-11.pptx) 2022-05-11 OpenID
> ![](https://i.imgur.com/XvzvZMM.png)
* [Okta Joins the OpenID Foundation Board to Further Advance Open Identity Standards](https://openid.net/2021/12/10/okta-joins-the-openid-foundation-board-to-further-advance-open-identity-standards/) 2021-12-10 OpenID
> “OpenID Connect is one of the most adopted identity standards, providing essential functionality to core solutions across the industry,” said Vittorio Bertocci, Principal Architect, Auth0.
* [The OpenID Foundation Welcomes Visa to the Board of Directors](https://openid.net/2021/12/07/the-openid-foundation-welcomes-visa-to-the-board-of-directors/) 2021-12-07 OpenID
> Visas leadership in global payments and identity services as well as their longstanding commitment to standards will be of great value as we tailor our strategy to this moment.
* [Passing the Torch at the OpenID Foundation](https://self-issued.info/?p=2170) 2021-04-28 Mike Jones
> Today marks an important milestone in the life of the OpenID Foundation and the worldwide digital identity community. Following [Don Thibeaus decade of exemplary service to the OpenID Foundation as its Executive Director](https://openid.net/2021/02/19/resolution-thanking-don-thibeau-for-his-service/), today we [welcomed Gail Hodges as our new Executive Director](https://openid.net/2021/04/28/welcoming-gail-hodges-as-our-new-executive-director/).
* [2021 OpenID Foundation Board Update](https://openid.net/2021/02/09/2021-openid-foundation-board-update/) 2021-02-09 OpenID
> Nat Sakimura and John Bradley were re-elected to new two-year terms as community member representatives. Nat and Johns well-known technical expertise and global thought leadership ensures continuity across working groups and as the Foundation transitions to new leadership in 2021.
## Standards Development
* [Proof-of-possession (pop) AMR method added to OpenID Enhanced Authentication Profile spec](https://self-issued.info/?p=2198) 2021-10-13 Mike Jones
> Ive defined an Authentication Method Reference (AMR) value called “pop” to indicate that Proof-of-possession of a key was performed. Unlike the existing “hwk” (hardware key) and “swk” (software key) methods [...] Among other use cases, this AMR method is applicable whenever a [WebAuthn](https://www.w3.org/TR/2021/REC-webauthn-2-20210408/) or [FIDO](https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html) authenticator are used.
### [Shared Signals Working Group](https://openid.net/wg/sharedsignals/)
> The Shared Signals working group is providing data sharing schemas, privacy recommendations and protocols to share security event information to thwart attackers from leveraging compromised accounts from one Service Provider to gain access to accounts on other Service Providers and enable users and providers to coordinate to securely restore accounts following a compromise.
* [OpenID RISC Profile Specification 1.0 - draft 02](https://openid.net/specs/openid-risc-profile-specification-1_0.html) 2022-04-05 OpenID
> This document defines the Risk Incident Sharing and Coordination (RISC) Event Types based on the Shared Signals and Events (SSE) Framework. Event Types are introduced and defined in Security Event Token (SET).
* [Shared Signals: An Open Standard for Webhooks](https://openid.net/2021/08/24/shared-signals-an-open-standard-for-webhooks/) 2021-08-24 OpenID
> The OpenID Foundation formed the “[Shared Signals and Events](https://openid.net/wg/sse/)” (SSE) Working Group as a combination of the previous OpenID RISC working group and an informal industry group that was focused on standardizing [Googles CAEP proposal](https://cloud.google.com/blog/products/identity-security/re-thinking-federated-identity-with-the-continuous-access-evaluation-protocol). These represented two distinct applications of the same underlying mechanism of managing asynchronous streams of events. Therefore the [SSE Framework](https://openid.net/specs/openid-sse-framework-1_0-01.html) is now proposed to be a standard for managing such streams of events for any application, not just CAEP and RISC. In effect, it is a standard for generalized Webhooks.
* [Security Event Tokens, Subject Identifiers, and SSE/CAEP/RISC Java implementation](https://iiw.idcommons.net/13A/_Security_Event_Tokens,_Subject_Identifiers,_and_SSE/CAEP/RISC_Java_implementation) 2021-05-06 Matt Domsch
> Matt presented an overview of the OpenID Foundation Shared Signals and Events Working Group, and his implementation of the object model in an open source Java library at [https://github.com/sailpoint-oss/openid-sse-model/](https://github.com/sailpoint-oss/openid-sse-model/)
* [OpenID SSE Model - Security Event Tokens, Subject Identifiers, and SSE/CAEP/RISC Java implementation](https://domsch.com/IIW32/IIW32-openid-sse-model.pdf) 2021-04-21 Domsch
> * Security Event Tokens RFC 8417\n$5 Matt Domsch, VP & Engineering Fellow
> * Subject Identifiers Internet Draft RFC
> * Shared Signals & Events OpenID Foundation WG
> * Includes RISC, CAEP, and Oauth event profiles
## GAIN
* [How GAIN Happens, Slowly Then All at Once](https://openid.net/2022/06/03/how-gain-happens-slowly-then-all-at-once/) 2022-06-03 OpenID
> GAIN is marked by a cross sector, crowd sourced, open, global due diligence. GAINs self organized participants are actively seeking evidence that disconfirms the GAIN hypothesis.
* [Protocols, Standards, Alliances: How to Re-GAIN the Future Internet from the Big Platforms](https://www.kuppingercole.com/watch/eic2022-panel-gain-future-internet) 2022-05-13 Kuppinger Cole
> just like trade unions helped the working class during the industrial revolution to fight for their rights. In this panel session, we will discuss about the enablers of such a different approach and the requirements to actually be successfull.
* [Introducing the Global Assured Identity Network (GAIN) Proof of Concept Community Group](https://openid.net/2022/03/02/introducing-the-global-assured-identity-network-gain-proof-of-concept-community-group/) 2022-03-02 OpenID
> The OpenID Foundation is pleased to announce the launch of the Global Assured Identity Network (GAIN) Proof of Concept Community Group, which aims to test the technical hypotheses underlying the [“GAIN Digital Trust”](https://gainforum.org/GAINWhitePaper.pdf) white paper.
* [Global Assured Identity Network White Paper](https://openid.net/2021/09/20/global-assured-identity-network-white-paper/) 2021-09-20 OpenID
> The Global Assured Identity Network White Paper was the centerpiece of the OpenID Foundations Chairman Nat Sakimuras keynote at the European Identity Conference just a few days ago. His presentation can be found at https://nat.sakimura.org/2021/09/14/announcing-gain/. Nat describes GAIN as an overlay network on top of the Internet with all its participants identity proofed. One key benefit of the approach proposed in the white paper is that the standards required to enable this network already exist: OpenID Connect and eKYC/IDA.
>
> The White Paper was a “no logo, pro bono, open source” collaboration of over 150 co-authors including many members of the OpenID Foundation. Its well on its way to achieving its goal of generating a community wide discussion on the business, technical and legal requirements for pragmatic international interoperability.
* [EIC Speaker Spotlight: Nat Sakimura](https://www.youtube.com/watch?v=QG_gkZkpJwQ) 2021-08-24 Introducing Gain • OpenID Foundation
> if you look at the the cost structure of the financial industry a lot of cost Is towards anti-money laundering and related activities and that actually is identity problem [...] we should try to solve the use case with a user centricity in mind
## Kim Cameron Award
* [Kim Cameron Award Winner Reflects on EIC](https://openid.net/2022/07/05/rachelle-sellung-2022-kim-cameron-award/) 2022-07-05 Rachelle Sellung
> In a matter of a few days, I heard many inspiring presentations, had many interesting conversations, and met many wonderful people in this field at the Conference. It has already led to multiple conversations of working together regarding future stakeholder research that will hopefully be useful and support the identity community.
* [2022 OpenID Foundation Kim Cameron Award Recipients Announced](https://openid.net/2022/04/29/2022-openid-foundation-kim-cameron-award-recipients-announced/) 2022-04-29 OpenID\
*This was the first IIW without Kim Cameron. This was a very fitting announcement.*
> The OpenID Foundation is pleased to announce the first cohort of awardees for inaugural launch of the Kim Cameron Award Program. We first must thank the many well-qualified applicants who presented compelling interest in user-centric identity.
* [Announcing the 2022 OpenID Foundation Kim Cameron Scholarship](https://openid.net/2022/04/08/announcing-the-2022-openid-foundation-kim-cameron-scholarship/) 2022-04-08 OpenID
> Scholarship recipients will be studying, researching, interning or working in a field relevant to one or more [OpenID Foundation working groups](https://openid.net/wg/) and consistent with Foundations Mission. The scholarship recipients will also be invited to participate in Foundation breakout meetings at the European Identity Conference and Identiverse which will provide exposure to both the Foundations business as well as leading technologists.