When we are asked to identify ourselves in the real world, we show our ID cards. We trust it because it is issued by the government. Can we build a digital ID card based on the same principes, that we can use to authenticate users in our applications instead of relying on cookies and sessions?

Spoiler alert; we’ll talk about micro services, cryptography, JSON Web Tokens and OAuth2.

Comments

Please login to leave a comment

Rated 4

Scott Dutton at 18:07 on 26 Jan 2019

Was a good talk, Explained the concepts well.
Wasnt much detail on how to exire tokens if you are not storing them.

Not sure if you have used paseto ? Perhaps touch on that also ?

https://paragonie.com/blog/2018/03/paseto-platform-agnostic-security-tokens-is-secure-alternative-jose-standards-jwt-etc

Rated 4

Bart McLeod at 21:36 on 27 Jan 2019

I did not know about JWT before attending your talk, thanks for the introduction.

Rated 3

Arjan Kleene at 15:18 on 28 Jan 2019

Not really what I expected, but that's probably to do with my expectations and not necessarily with the talk itself. The info about JWT was good, and the possible use cases are also very interesting.

Rated 5

Jens Trio at 13:18 on 31 Jan 2019

Interesting talk that was brought in a fun way. By telling a story around it you had the audience immediately with you. The presentation had a clear structure and was brought in a very understandable way. Top!