- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Sat, 21 Nov 2015 13:17:43 -0500
- To: Joerg.Heuer@telekom.de, anders.rundgren.net@gmail.com, public-credentials@w3.org, public-webid@w3.org
On 11/21/2015 12:41 PM, Joerg.Heuer@telekom.de wrote: > Hello all, > > One of the main benefits to the 'wallet'-approach is, that the > negotiation between the RP and the user's 'wallet' just doesn't > have this problem at all. > > Once the RP sends a statement about what 'instruments' and IdPs it > accepts, it's up to the 'wallet' of the user to figure out what to > use. Could be very plain and offer all matches to the user to make a > pick or it can be way more sophisticated and implement the user's > policy according to context. Yes, one way or another the "wallet" will be aware of what options are available and can decide what to use algorithmically or present choices to the user. Part of what is being discussed here, however, is how the browser knows about your "wallet" and therefore what options have been associated with the user. It could be through a registration process that must be repeated on every device/platform, there could be some syncing protocol, or there could be a discovery mechanism. There is overlap here with what's being discussed for Web Payments and with Credentials. In the Credentials CG, we want the "wallet" to be associated with the user (credential holder), so it can follow you around, instead of being strongly linked to a particular platform or device (this causes lock in and reduces user choice and competition). Therefore, a discovery mechanism is implemented in the demo. We have more work to do to better demonstrate that this can be used across different devices. > > And yes, FIDO should be among the technologies employed I'd say. > > Cheers, Jörg > > -----Original Message----- From: Dave Longley > [mailto:dlongley@digitalbazaar.com] Sent: Samstag, 21. November 2015 > 16:31 To: Anders Rundgren; W3C Credentials Community Group; > public-webid@w3.org Subject: Re: Solutions to the NASCAR problem? > > On 11/21/2015 02:11 AM, Anders Rundgren wrote: >> I'm interested hearing what's available and what's cooking: >> http://indiewebcamp.com/NASCAR_problem >> >> Just the core (and links), no TL;DR BS please. > > There's a very simple demo here: > > https://authorization.io > > It involves technology intended to solve the NASCAR problem. In step > 2, the site you log into only needs to provide a login button; the > browser will take care of the rest (finding out your IdP, etc). > > -- Dave Longley CTO Digital Bazaar, Inc. > -- Dave Longley CTO Digital Bazaar, Inc.
Received on Saturday, 21 November 2015 18:18:15 UTC