Profile

Cover photo
John Bradley
Works at Ping Identity
Lives in Isla de Maipo, Chile
175 followers|107,219 views
AboutPostsPhotosVideos

Stream

John Bradley

Shared publicly  - 
 #Pinterest
 
Pintrest Hacked.
Pinterest Hacked But Company Fails To Disclose Details To Users Or Public
programmableweb.com
An untold number of Pinterest users were breached on June 4, 2014 as a part of a sophisticated attack designed to skim confidential information from their Facebook friends and Twitter followers. So far, Pinterest has failed to fully remedy the situation or even acknowledge that the attack happened.
1
Add a comment...

John Bradley

Shared publicly  - 
 #OAuth
 #OpenID
 
New Draft of OAuth JWT encoded state released.
Based on feedback I have released a update of  Encoding claims in the OAuth 2 state parameter using a JWT . Based on the first version Hans Zandbelt has added support in the OpenID Connect Apache module . People can test the IdP initiated flow with this.   ...
New Draft of OAuth JWT encoded state released.
thread-safe.com
1
Add a comment...

John Bradley

Shared publicly  - 
 #JSON
 #API
 
WT and JOSE have won a Special European Identity Award
Nat, Mike & John Today the JSON Web Token (JWT) and JSON Object Signing and Encryption (JOSE)specifications were granted a Special European Identity Award for Best Innovation for Security in the API Economy. I was honored to accept the award, along with Nat...
WT and JOSE have won a Special European Identity Award
thread-safe.com
1
Add a comment...

John Bradley

Shared publicly  - 
 #OpenID
 #OAuth
 
Programable Web article on Open Redirectors
This is another interview that I did this week on the open redirector topic for Programable Web .   I think the author sums up the issue nicely. Ultimately, the OpenID and OAuth security issue highlights the fact that implementation is everything. Open stan...
Programable Web article on Open Redirectors
thread-safe.com
1
Add a comment...

John Bradley

Shared publicly  - 
 #Facebook
 
Information week Article on Open Redirect
I was interviewed Wednesday by Information week for an article on the Open Redirector issue. All in all it turned out not too bad. I am glad to know that Linked in set a deadline for their clients to register redirect_uri. The sites using Facebook Connect s...
Information week Article on Open Redirect
thread-safe.com
1
Add a comment...

John Bradley

Shared publicly  - 
 #IETF
 
OAuth 2 and Fragment encoding.
At the Internet Identity Workshop in California yesterday a number of the members of the IETF OAuth Working group met to discuss the open redirector issue. One design choice that was made years ago about fragment encoding the response for Java Script client...
OAuth 2 and Fragment encoding.
thread-safe.com
1
Add a comment...
Have him in circles
175 people
Kevin Mullins's profile photo
Marius Scurtescu's profile photo

John Bradley

Shared publicly  - 
 
WT and JOSE have won a Special European Identity Award
thread-safe.com
5
Salvatore D'Agostino's profile photo
Salvatore D'Agostino
 
Congrats!
Add a comment...

John Bradley

Shared publicly  - 
 #OAuth
 
New draft of Encoding multiple values in the OAuth state parameter.
Based on feedback from IIW I have updated my draft, changing the name of the Cross Site Request Forgery Protection parameter from "xrsf"  to Request Forgery Protection "rfp". Some were confused by the parameter name.  (That is what first drafts are for.) I ...
New draft of Encoding multiple values in the OAuth state parameter.
thread-safe.com
1
Add a comment...
People
Have him in circles
175 people
Kevin Mullins's profile photo
Marius Scurtescu's profile photo
Work
Occupation
Identity Mercenary
Employment
  • Ping Identity
    Sr. Technical Architect, 2012 - present
  • Protiviti Government Services Inc
    Identity and Access Management Lab, 2010 - present
  • Cryptolex
    Federated Identity Standards, 2008 - 2010
  • NDP, Cyberstore, Westel, Group Telecom
  • Cogneto, OIDF, ICF
Basic Information
Gender
Male
Other names
ve7jtb
Story
Introduction

John is a Senior Technical Architect in the CTO Office of Ping Identity. He is an experienced IT professional with a diverse background. Most recently, John has been co-authoring the OpenID Connect protocol and JSON Object Signing and Encryption (JOSE) along with OAuth 2, He co-authord the ICAM protocol profiles while at Protiviti Government Services. He has also been coordinating interoperability testing on the profiles with OASIS and Trust Framework partners from industry.  John provides leadership at Kantara as chair of the Leadership Council and as chair Federation Interoperability Work Group.  He has contributed to SAML, openID, Information Card (IMI), XRI and other identity standards.  He is actively working to develop the next version of openID. As the Co-Chair of OSIS he has both developed testing infrastructure and co-coordinated interoperability testing amongst all the major vendors participating in openID and Information Cards.

Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Isla de Maipo, Chile
Previously
Vancouver, BC - Ottawa, On - Redstone, CO - Viticura, Chile - Toronto, ON - Winnipeg, MB
Links
Other profiles
Contributor to