«John has the deepest understanding of cryptography and data ontology of which I know. He's excellent at designing, structuring, and implementing protocols for federated identity services. The translation from real-world use cases to actual deployed code is eternally complex, but it's an art that John has mastered. This has been demonstrated through numerous successful standards that have been adopted in real-world use.»
Actividad
-
At our April 14th workshop, we hosted a panel with Nancy Cam-Winget, Andrea D'Intino, John Bradley and Rick Byers. They discussed the implications of…
At our April 14th workshop, we hosted a panel with Nancy Cam-Winget, Andrea D'Intino, John Bradley and Rick Byers. They discussed the implications of…
Recomendado por John Bradley
-
This week marks the end of my 11 year journey at Okta! It was a life-changing experience and I want to thank Todd McKinnon & Frederic Kerrest for…
This week marks the end of my 11 year journey at Okta! It was a life-changing experience and I want to thank Todd McKinnon & Frederic Kerrest for…
Recomendado por John Bradley
-
The OpenID Foundation hosted a workshop prior to the Internet Identity Workshop in April. This recording covers updates from all of our Work Groups…
The OpenID Foundation hosted a workshop prior to the Internet Identity Workshop in April. This recording covers updates from all of our Work Groups…
Recomendado por John Bradley
Experiencia
Publicaciones
-
OAuth 2.0 Demonstrating Proof of Possession (DPoP)
IETF
This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks with access and refresh tokens.
Otros autoresVer publicación -
OAuth 2.0 Dynamic Client Registration Management Protocol
IETF
This specification defines methods for management of OAuth 2.0 dynamic client registrations for use cases in which the properties of a registered client may need to be changed during the lifetime of the client. Not all authorization servers supporting dynamic client registration will support these management methods.
Otros autoresVer publicación -
OAuth 2.0 Dynamic Client Registration Protocol
IETF
This specification defines mechanisms for dynamically registering OAuth 2.0 clients with authorization servers. Registration requests send a set of desired client metadata values to the authorization server. The resulting registration responses return a client identifier to use at the authorization server and the client metadata values registered for the client. The client can then use this registration information to communicate with the authorization server using the OAuth 2.0 protocol.…
This specification defines mechanisms for dynamically registering OAuth 2.0 clients with authorization servers. Registration requests send a set of desired client metadata values to the authorization server. The resulting registration responses return a client identifier to use at the authorization server and the client metadata values registered for the client. The client can then use this registration information to communicate with the authorization server using the OAuth 2.0 protocol. This specification also defines a set of common client metadata fields and values for clients to use during registration.
Otros autoresVer publicación -
JSON Web Signature (JWS)
IETF
JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification and an IANA registry defined by that specification. Related encryption capabilities are described in the separate JSON Web Encryption (JWE) specification.
Otros autoresVer publicación -
JSON Web Token (JWT)
IETF
JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.
Otros autoresVer publicación
Patentes
-
METHODS AND APPARATUS FOR ASSESSING AUTHENTICATION RISK AND IMPLEMENTING SINGLE SIGN ON (SSO) USING A DISTRIBUTED CONSENSUS DATABASE
Expedida Estados Unidos 20170289134
-
Electronic commerce system and system and method for establishing a trusted session
Presentada el Estados Unidos
A system and method for establishing two-factor security using a mobile device comprising authorizing one or more transactions requests received by a server, identifying one or more credentials required before the transaction can be processed, transmitting the list of credentials and a request session ID to a mobile device that stores, or is linked to, one or more required credentials, and pushing (or authorizing a credentials server to push) such credentials to the server that received the…
A system and method for establishing two-factor security using a mobile device comprising authorizing one or more transactions requests received by a server, identifying one or more credentials required before the transaction can be processed, transmitting the list of credentials and a request session ID to a mobile device that stores, or is linked to, one or more required credentials, and pushing (or authorizing a credentials server to push) such credentials to the server that received the request in order to permit the associated transaction and/or upgrade the prior session to a secured or “authorized” connection.
Otros inventoresVer patente -
Globally aware authentication system
Presentada el Estados Unidos
A computer security monitoring method and system includes receiving input data, wherein the input data includes user account data associated with a user's security-related interaction with a particular network, security-related local network data associated with the particular network, and security-related external network data regarding security threats at one or more independent, external networks. The input data is analyzed to generate at least one composite security status score, wherein…
A computer security monitoring method and system includes receiving input data, wherein the input data includes user account data associated with a user's security-related interaction with a particular network, security-related local network data associated with the particular network, and security-related external network data regarding security threats at one or more independent, external networks. The input data is analyzed to generate at least one composite security status score, wherein the analyzing includes an analysis of the user account data based on previously stored data associated with the user account, and an analysis of the security-related local and external network data to adjust the composite security status score when the analysis of the security-related local and external network data indicates an increased security threat. The method and system may produce human-readable output including an alert associated with the at least one composite security status score. Other features are disclosed.
Otros inventoresVer patente
Proyectos
Empresas
-
Open Identity Exchange (OIX)
Tresurer
-
IETF
WG Chair in Security Area
-
OpenID Foundation
Mobile Profile for OpenID Connect WG Co-Chair
-
Kantara
Chair Federation Interoperability WG
-
OpenID Foundation
Treasurer
-
Open Source Identity System (OSIS) initiative
Steward
-
Open Identity Exchange (OIX)
Board Representitive for Ping Identity
-
Kantara
Chair Leadership Council
Recomendaciones recibidas
2 personas han recomendado a John Unirse para verlo
Más actividad de John
There have been a few blog posts (and resulting social media and forum discussions) going around the past few weeks about #passkeys, mostly painting…
Recomendado por John Bradley
John Bradley and I convened a session on Trust Establishment with OpenID Federation at the Internet Identity Workshop (IIW) on Thursday, April 18…
Recomendado por John Bradley
Split key ECDSA enables phones with less modern key protection to present Verifiable identity credentials (e.g. mobile drivers license from wallet)…
Recomendado por John Bradley
Chris Streeks was one of the nicest and most knowledgable people you will ever meet, and he truly made Yubico a special place. I will cherish the…
Recomendado por John Bradley
If you use a password manager, you can export your passwords into a file and then import them to another password manager. This has been possible for…
Recomendado por John Bradley
Dr. Daniel Fett getting the OAuth Security Workshop 2024 (OSW 2024) underway. Standards are critical to securing the world's identity…
Recomendado por John Bradley
Exciting news: Yubico is one of Fast Company's Most Innovative Companies of 2024! 💫 We're honored to be named #2 in the security category - learn…
Recomendado por John Bradley
I worry about the growing homogeneity and lack of competition in the enterprise IdM market. With Okta having acquired Auth0 and Microsoft Entra…
Recomendado por John Bradley
I’ve started a new position as Principle Engineer at mesur.io
Recomendado por John Bradley
Perfiles similares
Otras personas con el nombre de John Bradley
-
John Bradley
-
John Bradley
Technology Investment Banking
-
John Bradley
Managing Director at Bitech Training Ltd
-
John Bradley
-
John Bradley
Hay 1746 personas más con el nombre de John Bradley en LinkedIn
Ver a otras personas con el nombre de John Bradley