Re: Strong authentication for PayPal versus WebPayments

On 2014-05-07 10:02, Timothy Holborn wrote:
> I've found server-side source for u2f.
> 
> Therefore, I imagine it could be packaged with a cloud-storage service (like rww.io)

Yes, U2F will work fine if we limit ourselves to 2-3 identity providers.
In that case Google and Facebook remain the only viable alternatives which
I don't think was the goal for WebPayments, WebID or any other web-system
based on decentralization.

Anders

> 
> Sent from my iPad
> 
>> On 7 May 2014, at 3:47 pm, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
>>
>> Please, this posting is about strong authentication from a technical point of view and
>> has nothing to do with linked data etc...
>>
>> PayPal is a member of the FIDO alliance, the SDO behind U2F.  U2F is optimized and
>> architected for SOP (Same Origin Policy) operation which makes it a perfect fit for
>> super-providers like PayPal, Google and Facebook.
>>
>> The problem as I see it, is that there are no counterparts to U2F for the "distributed web".
>> Well, actually there are, but the issue haven't really been recognized yet :-)
>>
>> Anders
>>

Received on Wednesday, 7 May 2014 08:23:52 UTC