- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Fri, 18 Jul 2014 10:47:27 +0200
- To: "public-webid@w3.org" <public-webid@w3.org>
The Decentralized Web requires Decentralized Authentication, right? WebID-TLS have the basics but fails UI-wise due to in its inability separating the certificates that actually are intended for usage with WebID-TLS. Most other authentication-schemes also operate on the application-level which has several implementation-advantages. Does OpenID qualify? IMO, OpenID doesn't offer a reasonable user-experience unless the browser in some way lists the actual user's IdP-alternatives. Is this maybe already implemented? If not, I would say that the fully decentralized web so far remains vapor-ware. Is there another alternative? Yes, using WebID-TLS certificates but architecting the solution like the FIDO/Google U2F scheme (JSON-based challenge-response). Or is Google the only party who can do things like that? Cheers, Anders
Received on Friday, 18 July 2014 08:47:58 UTC