In 2015, two different groups of researchers (from Ruhr University Bochum and University of Trier) independently discovered new attacks on OAuth and OpenID Connect. At a meeting in Darmstadt, convened at short notice, researchers and members of the OAuth Working Group discussed the impact and potential mitigations of the attacks. The participants also identified the need for a better exchange between the groups to ensure that in the future, security research and standardization go hand in hand. This was the birth of the OAuth Security Workshop.

And while security is still the focus, the meeting has evolved to also be a working meeting to advance existing standards and sometimes also to start new ones.

OSW is the place to talk to world-leading identity experts, practicioners and researchers in an open, collaborative environment. This is the place to see what is brewing in the standardization groups, talk about the challenges you might be facing, and run your research by those people who live and breathe identity standards.

There is a conference part, where submitted and reviewed talks are presented and there is an unconference part, where everybody can propose sessions to tackle problems, deep-dive on particular topics, present the latest ideas, or work on something together. Social events ensure that there is time to talk outside the sessions.

Talks have to be focused on technical content and must not promote products or vendors. A program committee decides on whether submitted talks are accepted for presentation. (Occasional) company presentations by our sponsors are very brief and clearly marked.

Many attendees need early confirmation of their participation to secure travel funding from their employers. By having an early submission deadline, we can provide these attendees with a response in time for their budget requests. The second deadline allows us to accommodate those who may decide to participate closer to the event. It also enables us to cover more recent developments, ensuring that the conference covers the latest and most relevant topics.

We encourage you to submit by the first deadline if possible. This gives you an opportunity to refine and resubmit your proposal by the second deadline if the program committee suggests any improvements.

We (Daniel Fett, Guido Schmitz, Steinar Noem) run OSW, but there is no organization or company behind it. Each OSW is hosted by a different partner from around Europe — a University, a research group or organization, or a company. The host handles all the on-site organization and the budget. We handle all aspects of the program and work closely  with the host to deliver a unique experience for each event.

OSW is run as a non-profit event. Our hosts and sponsors help to pay for a large part of the expenses (e.g., venue, catering, social events), the tickets cover the rest.

Great, please talk to us! If you want to host the OSW, ideally, you should have attended an OSW or two before.