- From: Andrei Sambra <andrei.sambra@gmail.com>
- Date: Tue, 8 Oct 2013 11:02:12 +0200
- To: "public-rww@w3.org" <public-rww@w3.org>, public-webid <public-webid@w3.org>
Received on Tuesday, 8 October 2013 09:03:00 UTC
>From https://www.grc.com/sqrl/sqrl.htm : "The website's login presents a QR code containing the URL of its authentication service, plus a nonce. The user's smartphone signs the login URL using a private key derived from its master secret and the URL's domain name. The Smartphone sends the matching public key to identify the user, and the signature to authenticate it." While it does replace classic username/password authentication, it does not allow you to provide additional information (e.g. photo, name/nick, etc.). Still, maybe worth investigating in the scope of WebID. Best, Andrei
Received on Tuesday, 8 October 2013 09:03:00 UTC