- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Fri, 18 Jul 2014 11:04:23 +0200
- To: Tim Holborn <timothy.holborn@gmail.com>
- CC: "public-webid@w3.org" <public-webid@w3.org>
- Message-ID: <53C8E317.7060709@gmail.com>
On 2014-07-18 10:52, Tim Holborn wrote: > an interesting example. > > see: https://www.respectnetwork.com/ and all the info http://info.respectnetwork.com/ - seems like it’s saying the right things, yeah? looks awesome from a non-specialist point of view. IMO, a properly working, open and truly decentralized authentication solution wouldn't need a "help fund this button". Anders > > Yet - when you sign-up on the homepage: https://www.respectnetwork.com/ - how’s the AUTH / UserID system actually work? Does anyone know? > > On 18 Jul 2014, at 6:47 pm, Anders Rundgren <anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> wrote: > >> The Decentralized Web requires Decentralized Authentication, right? >> > +1 >> WebID-TLS have the basics but fails UI-wise due to in its inability separating the >> certificates that actually are intended for usage with WebID-TLS. Most other >> authentication-schemes also operate on the application-level which has several >> implementation-advantages. >> >> Does OpenID qualify? >> IMO, OpenID doesn't offer a reasonable user-experience unless the browser in some >> way lists the actual user's IdP-alternatives. Is this maybe already implemented? >> If not, I would say that the fully decentralized web so far remains vapor-ware. >> >> Is there another alternative? Yes, using WebID-TLS certificates but architecting >> the solution like the FIDO/Google U2F scheme (JSON-based challenge-response). >> Or is Google the only party who can do things like that? >> >> Cheers, >> Anders >> >
Received on Friday, 18 July 2014 09:04:55 UTC