Self-registered globally unique human-readable usernames via blockchain [via User Identity on the Web Community Group] from W3C Community Development Team on 2014-10-26 (public-w3id@w3.org from October 2014)

From: W3C Community Development Team <team-community-process@w3.org>
Date: Sun, 26 Oct 2014 18:31:09 +0000
To: public-w3id@w3.org
Message-ID: <88b347566b07832258903dad31b9a6bf@www.w3.org>

Drawbacks of current identity-management/authentication systems:

- Providers can go out of business/identity bound to service provider
- Servers can fail by technical failures or Denial-of-Service attacks
- Different service providers mean different identities/no globally unique
identities
- Service providers can (be forced to) forge identities

The Namecoin project has extended the Bitcoin blockchain-concept to
self-register globally unique human-readable names and publish a data set for
each globaly unique name (https://wiki.namecoin.info/index.php?title=Identity,
https://en.wikipedia.org/wiki/Namecoin). As storage and signing of a blockchain
are done decentralized the registrations and the content of the data set cannot
be forged. So I suggest to implement an authentication blockchain into browsers
to register globally unique usernames and authenticate with services.

The Blockchain would just publish the tupel (;). When a user logs in at a
service with his username the service queries the blockchain for the
corresponding asymmetric public key and does a
Challenge-response-authentication.

Benefits:
- No providers -> no manipulation/discontinue of service
- No servers -> no outtages/DoS-vulnerability
- Globally unique identity per user
- Unlimited number of pseudonyms per user by additonal identities
- Secure login with asymmetric keys -> no password reuse/social engineering

- Any user/company/group/service/application can use ONE global authentication
system with globally unique usernames

The NameID-Project (https://nameid.org/) uses the Namecoin blockchain as
database-backend for the OpenID protocol. That way all Namecoin user-IDs are
available via OpenID. Instead browsers should be able to access the blockchain
directly.

If RTCweb is used as blockchain transport protocol browsers can participate as
blockchain nodes without additional bridges/connectors/servers.

What do you think?



----------

This post sent on User Identity on the Web Community Group



'Self-registered globally unique human-readable usernames via blockchain'

http://www.w3.org/community/w3id/2014/10/26/self-registered-globally-unique-human-readable-usernames-via-blockchain/



Learn more about the User Identity on the Web Community Group: 

http://www.w3.org/community/w3id

Received on Sunday, 26 October 2014 18:31:10 UTC