Open in app

Sign In

Write

Sign In

Takahiko Kawasaki
Takahiko Kawasaki

2.4K Followers

Home

About

Sep 13

Challenging the U.S. Market with a Professional CEO from Silicon Valley

On September 18, 2015, Authlete, Inc. officially incorporated as a company in Japan. For approximately 8 years since then, we deliberately left the CEO (Chief Executive Officer) position vacant. However, we are pleased to announce that our long-standing search for a CEO has finally paid off, and we have found…

Startup

7 min read

Challenging the U.S. Market with a Professional CEO from Silicon Valley
Challenging the U.S. Market with a Professional CEO from Silicon Valley
Startup

7 min read


Jun 4

Note to Self: ECDSA trivia

Boolean value for y-coordinate? While implementing the feature of signing and verification with ES256 / ES384 / ES512 algorithms into my Java library for CBOR / COSE / CWT (authlete/cbor), I noticed that “IANA COSE Key Type Parameters” states that the y-coordinate of EC2 keys can be represented as a boolean value instead of…

Ecdsa

2 min read

Ecdsa

2 min read


May 2

GAIN PoC Interim Report (Spring 2023)

Disclaimer This is a copy (with some editorial adjustments) of the interim report about GAIN PoC I submitted to the GAIN PoC Community Group on March 26, 2023. Please note that while the report was well received by the group, it is not an officially endorsed document. Preface GAIN (Global Assured Identity…

Openid

11 min read

GAIN PoC Interim Report (Spring 2023)
GAIN PoC Interim Report (Spring 2023)
Openid

11 min read


Jan 2

OpenID Connect Federation 1.0

(This article is a partial reprint of the article “OpenID Connect Federation 1.0” on the Authlete website.) Overview OpenID Connect Federation 1.0 defines a mechanism where an identity provider / authorization server and a relying party (client) that have no direct relationship trust each other based on trust chains and the…

Openid Connect

15 min read

OpenID Connect Federation 1.0
OpenID Connect Federation 1.0
Openid Connect

15 min read


Nov 18, 2022

OAuth 2.0 Step-up Authentication Challenge Protocol

(This article is a partial reprint of the article “OAuth 2.0 Step-up Authentication Challenge Protocol” on the Authlete website.) Overview OAuth 2.0 Step-up Authentication Challenge Protocol “introduces a mechanism for a resource server to signal to a client that the authentication event associated with the access token of the current request…

Oauth

11 min read

OAuth 2.0 Step-up Authentication Challenge Protocol
OAuth 2.0 Step-up Authentication Challenge Protocol
Oauth

11 min read


Aug 12, 2022

JWT Authorization Grant (RFC 7523 2.1)

Overview Section 2.1. Using JWTs as Authorization Grants of RFC 7523 JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants defines another flow for access token issuance which is different from OAuth 2.0 standard flows defined in RFC 6749. We call it JWT Authorization Grant flow. In…

Oauth

3 min read

JWT Authorization Grant (RFC 7523 2.1)
JWT Authorization Grant (RFC 7523 2.1)
Oauth

3 min read


Jul 25, 2022

RFC 8693 OAuth 2.0 Token Exchange

Introduction RFC 8693 OAuth 2.0 Token Exchange is a technical specification that defines a way to get a new token by presenting an existing token and optionally one more existing token at the token endpoint. The mandatory input token is called “Subject Token” and the optional input token is called “Actor…

Oauth

5 min read

RFC 8693 OAuth 2.0 Token Exchange
RFC 8693 OAuth 2.0 Token Exchange
Oauth

5 min read


Jun 9, 2022

How to generate a JWK representing a self-signed certificate

This short article shows command lines to generate a key pair in PEM format and a JWK representing a self-signed certificate for the key pair with the x5c claim. 1. Create a private key openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 > private_key.pem NOTE: Be sure that openssl is from OpenSSL, not LibreSSL. 2. Extract the public key from the private key openssl pkey -pubout…

X509

1 min read

X509

1 min read


May 3, 2022

OpenID Connect for Identity Assurance, explained by an implementer

Introduction OpenID Connect for Identity Assurance 1.0 (OIDC4IDA or IDA) is a technical specification that the eKYC-IDA Working Group of OpenID Foundation has developed. It uses OAuth 2.0 and OpenID Connect (OIDC) as its base and defines a JSON structure that conveys verified claims of a natural person. “Claim” here is…

Openid

13 min read

OpenID Connect for Identity Assurance, explained by an implementer
OpenID Connect for Identity Assurance, explained by an implementer
Openid

13 min read


Apr 19, 2022

Spec Violations in GitHub OAuth Implementation and Security Considerations

Based on information in the “Authorizing OAuth Apps” page on GitHub Docs. The Japanese version is here. Spec Violations The response_type request parameter of authorization request is missing. The parameter is mandatory. See RFC 6749 (The OAuth 2.0 Authorization Framework) Section 4.1.1 (Authorization Request). The default format of token response seems application/x-www-form-urlencoded…

Oauth

3 min read

Oauth

3 min read

Takahiko Kawasaki

Takahiko Kawasaki

2.4K Followers

Co-founder and representative director of Authlete, Inc., working as a software engineer since 1997. https://www.authlete.com/

Following
  • ODIHQ

    ODIHQ

  • Justin Richer

    Justin Richer

  • Google Developers

    Google Developers

  • Taka Umada

    Taka Umada

  • Torsten Lodderstedt

    Torsten Lodderstedt

See all (29)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech

Teams