- From: Tim Holborn <timothy.holborn@gmail.com>
- Date: Fri, 18 Jul 2014 18:52:19 +1000
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- Cc: "public-webid@w3.org" <public-webid@w3.org>
Received on Friday, 18 July 2014 08:55:34 UTC
an interesting example. see: https://www.respectnetwork.com/ and all the info http://info.respectnetwork.com/ - seems like it’s saying the right things, yeah? looks awesome from a non-specialist point of view. Yet - when you sign-up on the homepage: https://www.respectnetwork.com/ - how’s the AUTH / UserID system actually work? Does anyone know? On 18 Jul 2014, at 6:47 pm, Anders Rundgren <anders.rundgren.net@gmail.com> wrote: > The Decentralized Web requires Decentralized Authentication, right? > +1 > WebID-TLS have the basics but fails UI-wise due to in its inability separating the > certificates that actually are intended for usage with WebID-TLS. Most other > authentication-schemes also operate on the application-level which has several > implementation-advantages. > > Does OpenID qualify? > IMO, OpenID doesn't offer a reasonable user-experience unless the browser in some > way lists the actual user's IdP-alternatives. Is this maybe already implemented? > If not, I would say that the fully decentralized web so far remains vapor-ware. > > Is there another alternative? Yes, using WebID-TLS certificates but architecting > the solution like the FIDO/Google U2F scheme (JSON-based challenge-response). > Or is Google the only party who can do things like that? > > Cheers, > Anders >
Received on Friday, 18 July 2014 08:55:34 UTC