{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2017:O6YCHNLD7EXAOQNEQEG6ITDQWU","short_pith_number":"pith:O6YCHNLD","schema_version":"1.0","canonical_sha256":"77b023b563f92e0741a4810de44c70b5143658be1e1e4623bb5158f9d0629f4f","source":{"kind":"arxiv","id":"1704.08539","version":1},"attestation_state":"computed","paper":{"title":"The Web SSO Standard OpenID Connect: In-Depth Formal Security Analysis and Security Guidelines","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Daniel Fett, Guido Schmitz, Ralf Kuesters","submitted_at":"2017-04-27T12:43:33Z","abstract_excerpt":"Web-based single sign-on (SSO) services such as Google Sign-In and Log In with Paypal are based on the OpenID Connect protocol. This protocol enables so-called relying parties to delegate user authentication to so-called identity providers. OpenID Connect is one of the newest and most widely deployed single sign-on protocols on the web. Despite its importance, it has not received much attention from security researchers so far, and in particular, has not undergone any rigorous security analysis.\n  In this paper, we carry out the first in-depth security analysis of OpenID Connect. To this end, "},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"1704.08539","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2017-04-27T12:43:33Z","cross_cats_sorted":[],"title_canon_sha256":"dfd2b7044f911c95dc0fde4657163a1e419a29cc3bcf55a774c66445c7df161a","abstract_canon_sha256":"b5175fb2c3b2435f437bcdd7973f57538b17fd97ef13d0165717827963fca1fb"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-17T23:55:09.860543Z","signature_b64":"QXaZdxzxirasvKtR6LhqVuRRYl+WE0Vh8YE6Ct56YPsKVzHzVXYZBD6UJI5g9ADfp1AWQukWjIoXvr5b6I2BBg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"77b023b563f92e0741a4810de44c70b5143658be1e1e4623bb5158f9d0629f4f","last_reissued_at":"2026-05-17T23:55:09.860073Z","signature_status":"signed_v1","first_computed_at":"2026-05-17T23:55:09.860073Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"The Web SSO Standard OpenID Connect: In-Depth Formal Security Analysis and Security Guidelines","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Daniel Fett, Guido Schmitz, Ralf Kuesters","submitted_at":"2017-04-27T12:43:33Z","abstract_excerpt":"Web-based single sign-on (SSO) services such as Google Sign-In and Log In with Paypal are based on the OpenID Connect protocol. This protocol enables so-called relying parties to delegate user authentication to so-called identity providers. OpenID Connect is one of the newest and most widely deployed single sign-on protocols on the web. Despite its importance, it has not received much attention from security researchers so far, and in particular, has not undergone any rigorous security analysis.\n  In this paper, we carry out the first in-depth security analysis of OpenID Connect. To this end, "},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1704.08539","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"1704.08539","created_at":"2026-05-17T23:55:09.860142+00:00"},{"alias_kind":"arxiv_version","alias_value":"1704.08539v1","created_at":"2026-05-17T23:55:09.860142+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1704.08539","created_at":"2026-05-17T23:55:09.860142+00:00"},{"alias_kind":"pith_short_12","alias_value":"O6YCHNLD7EXA","created_at":"2026-05-18T12:31:34.259226+00:00"},{"alias_kind":"pith_short_16","alias_value":"O6YCHNLD7EXAOQNE","created_at":"2026-05-18T12:31:34.259226+00:00"},{"alias_kind":"pith_short_8","alias_value":"O6YCHNLD","created_at":"2026-05-18T12:31:34.259226+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":0,"internal_anchor_count":0,"sample":[]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU","json":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU.json","graph_json":"https://pith.science/api/pith-number/O6YCHNLD7EXAOQNEQEG6ITDQWU/graph.json","events_json":"https://pith.science/api/pith-number/O6YCHNLD7EXAOQNEQEG6ITDQWU/events.json","paper":"https://pith.science/paper/O6YCHNLD"},"agent_actions":{"view_html":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU","download_json":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU.json","view_paper":"https://pith.science/paper/O6YCHNLD","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=1704.08539&json=true","fetch_graph":"https://pith.science/api/pith-number/O6YCHNLD7EXAOQNEQEG6ITDQWU/graph.json","fetch_events":"https://pith.science/api/pith-number/O6YCHNLD7EXAOQNEQEG6ITDQWU/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU/action/timestamp_anchor","attest_storage":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU/action/storage_attestation","attest_author":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU/action/author_attestation","sign_citation":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU/action/citation_signature","submit_replication":"https://pith.science/pith/O6YCHNLD7EXAOQNEQEG6ITDQWU/action/replication_record"}},"created_at":"2026-05-17T23:55:09.860142+00:00","updated_at":"2026-05-17T23:55:09.860142+00:00"}