W3C home > Mailing lists > Public > public-credentials@w3.org > April 2018

Re: Question: WebAuthn announcement -- relation to DIDs?

From: David Chadwick <D.W.Chadwick@kent.ac.uk>
Date: Thu, 12 Apr 2018 17:43:03 +0100
To: public-credentials@w3.org
Message-ID: <1710e089-cea1-4345-5984-8c6ccec7a5a4@kent.ac.uk>
Hi Steven

perhaps an even more pertinent question is "how does Web Auth fit with
Verifiable Credentials?"

The answer to this is that it fits very nicely. Our implementation of
VCs used FIDOv1, the precursor to Web Auth (Fido v2). We plan to migrate
to Web Auth and IETF token binding later this year

regards

David


On 12/04/2018 17:21, Steven Rowat wrote:
> Greetings,
> 
> The Guardian yesterday had a story of what appears to be a major
> announcement about how WebAuthn will replace passwords:
> 
> https://www.theguardian.com/technology/2018/apr/11/passwords-webauthn-new-web-standard-designed-replace-login-method
> 
> 
> This included a quote showing that this is a W3C project:
> 
> “WebAuthn will change the way that people access the Web,” said Jeff
> Jaffe, chief executive of the World Wide Web Consortium (W3C), the body
> that controls web standards."
> 
> And after looking at the recent API spec itself, I see that it's a FIDO
> project, and so supported by Google, Microsoft, Paypal, and also Mozilla:
> 
> http://www.w3.org/TR/2018/CR-webauthn-20180320/
> 
> My Question:
> 
> Is there any expected or known relationship between WebAuthn and the use
> of DIDs? ie., Can WebAuthn be used with DIDs? Will the uptake of
> WebAuthn preclude or inhibit the use of DIDs?
> 
> ie., Are DID Docs and WebAuthn in competition, or are they complementary?
> 
> Steven
> 
> 
> 
> 
> 
> 
Received on Thursday, 12 April 2018 16:43:36 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:26 UTC