Archive for December, 2010

December 20, 2010
Thanks for Voting in the OpenID Board Election

OpenID logoMy thanks to those of you who voted in the OpenID Board Election. I’m pleased to report that John Bradley, Nat Sakimura, Kick Willemse, and I were elected as community board members for 2011 and 2012 and that Axel Nennker and Chris Messina were elected for 2011.

I’m really excited about the set of people you chose, both because of their passion for user-centric identity, and because of the diverse communities that they represent. Out of the six of us, there are representatives from Chile, Germany, Japan, Netherlands, and two token Americans. :-) You can read more about the 2011 board at the OIDF blog post announcing the election results.

December 6, 2010
Please Vote Now in the OpenID Board Election

OpenID logoThe election for community (individual) OpenID board members is under way at I encourage all of you to vote now. (Don’t wait until the morning of Wednesday, December 15th!) If you’re not already an OIDF member, you can join for USD $25 at and participate in the election.

I’m running for the board this time, and would appreciate your vote. My candidate statement, which is also posted on the election site, follows.

OpenID has the potential to make people’s online interactions seamless, secure, and more valuable. I am already working to make that a reality.

First, a bit about my background with OpenID… I’ve been an active contributor to OpenID since early 2007, including both specification work and serving the foundation. My contributions to the specification work have included: an author and editor of the OpenID Provider Authentication Policy Extension (PAPE) specification, editor of the OAuth 2.0 bearer token specification, co-author of the emerging JSON Web Token (JWT) specification, which will be used by the OpenID Artifact Binding, and an active member of the Artifact Binding working group.

I’ve also made substantial contributions to the foundation and its mission, including: In 2007 I worked with the community to create a legal framework for the OpenID Foundation enabling both individuals and corporations to be full participants in developing OpenID specifications and ensuring that the specifications may be freely used by all; this led to the patent non-assertion covenants that now protect implementers of OpenID specifications. I served on the board representing Microsoft in 2008 and 2009, during which time I was chosen by my fellow board members to serve as secretary; you’ve probably read some of the meeting minutes that I’ve written. I helped organize the OpenID summits hosted by Microsoft in 2010: April in Mountain View and June in London. I chaired the election committee that developed the foundation’s election procedures and software, enabling you to vote with your OpenID. And I co-chaired the local chapters committee that developed the policies governing the relationships between local OpenID chapters around the world and the OpenID Foundation.

I’d like to serve OpenID on the board again in 2011, this time as an individual, because while OpenID has had notable successes, its work is far from done. Taking it to the next level will involve both enhanced specifications and strategic initiatives by the foundation. As a community, we need to evolve OpenID to make it much easier to use and to enable it to be used in more kinds of applications on more kinds of devices. As a foundation, we need to build a broader base of supporters and deployers of OpenID, especially internationally. We need to form closer working relationships with organizations and communities doing related work. And we need continue to safeguarding OpenID’s intellectual property and trademarks so they are freely available for all to use.

I have a demonstrated track record of serving OpenID and producing results. I want to be part of making OpenID even more successful and ubiquitous. That’s why I’m running for a community board seat for 2011.

Mike Jones

December 2, 2010
OAuth 2.0 Bearer Token Specification Draft -01

OAuth logoDraft -01 of the OAuth 2.0 Bearer Token specification is now available. This version is intended to accompany OAuth 2.0 draft -11. This draft is based upon the September 3rd preliminary OAuth 2.0 draft -11 by Eran Hammer-Lahav, with input from David Recordon and several others. It includes an extensive Security Considerations section, for which Hannes Tschofenig gets significant credit.

The draft is available at these locations:

If any of you believe that you should be added to the Acknowledgments in Appendix A, please drop me a note and I’ll be glad to add you.

December 1, 2010
Tighter Focus on Identity Standards and Collaboration

I’m writing to let you know that I’ve joined the recently formed Identity Standards and Policy team at Microsoft. For those of you outside the company, this mostly just means means that you’ll see more of me in the roles you’re used to seeing me in – building industry consensus around identity solutions for the Internet and the enterprise, and taking them from ideas to actual deployments.

I’m joining a great team, who many of you already know: Mary Rundle, our team’s policy and legal expert, who brings an informed and sensitive international perspective to our work, David Turner, an experienced and thoughtful international standards expert, who also throws a great participatory neighborhood music party every year, and Tony Nadalin (a.k.a. Dr. Secure), who leads the team and brings his unique seasoned perspectives, insights, and wry humor to all our work together.

I’m honored by Microsoft’s and Tony’s trust in me to bring me onto the team. I look forward to solving identity problems that matter with many of you in the coming months and years because of it.