Web-NFC. Was: Centralization dangers of applying OpenID Connect to wallets protocols (was: Re: 2022-2026 Verifiable Data Standards Roadmap [DRAFT])

Since the original topic is extremely large, I take the liberty focusing on a related item which I have been actively involved in.

Google and Intel have created an API that makes it possible reading and writing certain types of RFID tags from a mobile browser.  That's fine but this use case is already supported by much more powerful native apps.

I claimed early on (and to no avail), that mobile devices (phones) with native apps interacting with Web pages running in desktop computers have lots of already established applications that could benefit from a better solution.

The current solution to this generic use case are QR codes which require you to manually start a specific application, alternatively provide some private information which can be used for Web push.

Since QR codes do not provide the security context of the Web page, this solution is susceptible to phishing.


The only people outside of Google and Intel who have been visible in this activity are RFID vendors.  The payment industry were not there.  The same goes for the identity folks.

I would like to restart this activity but not alone.  Getting NFC back in PCs will not happen overnight, if ever.

Thanx,
Anders
https://github.com/w3c/web-nfc/issues/128

Received on Saturday, 19 March 2022 06:49:53 UTC