W3C home > Mailing lists > Public > public-webauthn@w3.org > May 2021

Re: [webauthn] Can the private keys be used for other cryptographic operations? (#1595)

From: Daniel via GitHub <sysbot+gh@w3.org>
Date: Sat, 01 May 2021 12:36:10 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-830625894-1619872569-sysbot+gh@w3.org>
@certainlyNotHeisenberg Webauthn is already integrated into browsers - that's great. Awesome work, and nothing but my full appreciation on this. 

Big Corp, has no way to push this tech to their users, too much friction to force a user to get a hardware key, so they only use this as an alternative to OTP (authenticator apps). Adoption is low, why compromise UX (and 20 yeard old habits) over slightly better security, people also do not see the advantage of replacing a free Google Authenticator app with a paid hardware key.

My point, there is a new wave of blockchain apps that NEED the security this thing was designed for. It's the missing piece.
People need to be free of passwords, magic link emails and OTP codes.  
Email transitioned from a way to say "How are you Joe" to being a "Vault". Imagine  keeping your life savings in your letter box.  
Developers need to be free of beign in charge of their user's security. I don't want to be a custodian, but I'm forced to.
Blockchain is the new web, you should design for the future.




-- 
GitHub Notification of comment by cybercent
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1595#issuecomment-830625894 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Saturday, 1 May 2021 12:36:12 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:43 UTC