Early-bird Discount
expires in
Register Now


Standards are About Making Choices

Standards are About Making Choices

Tuesday, June 04, 2024 18:30—18:50
Location: C 01
Watch the video
Log in to download presentations

When building machines, we take for granted being able to use nuts, bolts, wires, light bulbs, and countless other parts made to industry standards.  Standards contain choices about dimensions of screw threads, nut sizes, etc., enabling a marketplace of interoperable parts from multiple suppliers.  Without these choices, every part would be custom manufactured.  The same is true of the identity and security standards we use to build identity systems.

However, the identity and security standards at our disposal differ wildly in the degree to which they do and don't make choices.  Some consistently define ONE way to do things, resulting in everyone doing it that way (interoperability!).  Others leave critical choices unmade, passing the buck to implementers and applications (your mileage may vary).

In this talk, I'll name names and take prisoners, critiquing existing and emerging standards through the lens of the choices they made and failed to make.  Hold on to your hats as we examine the pros and cons of the choices made by OAuth, SAML, X.509, OpenID Connect, Verifiable Credentials, DIDs, WebCrypto, JOSE, COSE, and many others through this lens!

I believe you'll agree with me that making choices matters.

Dr. Michael B. Jones
Building the Internet’s Missing Identity Layer
Self-Issued Consulting
Michael B. Jones is on a quest to build the Internet's missing identity layer. He is an editor of the OpenID Connect specifications, IETF OAuth specifications, including JSON Web Token (JWT) and...
Almost Ready to Join EIC 2024?
Reach out to our team with any remaining questions
Get in touch