Re: Solutions to the NASCAR problem?

On 11/21/2015 12:41 PM, Joerg.Heuer@telekom.de wrote:
> Hello all,
> 
> One of the main benefits to the 'wallet'-approach is, that the 
> negotiation between  the RP and the user's 'wallet' just doesn't
> have this problem at all.
> 
> Once the RP sends a statement about what 'instruments' and IdPs it 
> accepts, it's up to the 'wallet' of the user to figure out what to 
> use. Could be very plain and offer all matches to the user to make a 
> pick or it can be way more sophisticated and implement the user's 
> policy according to context.

Yes, one way or another the "wallet" will be aware of what options are
available and can decide what to use algorithmically or present choices
to the user. Part of what is being discussed here, however, is how the
browser knows about your "wallet" and therefore what options have been
associated with the user. It could be through a registration process
that must be repeated on every device/platform, there could be some
syncing protocol, or there could be a discovery mechanism.

There is overlap here with what's being discussed for Web Payments and
with Credentials. In the Credentials CG, we want the "wallet" to be
associated with the user (credential holder), so it can follow you
around, instead of being strongly linked to a particular platform or
device (this causes lock in and reduces user choice and competition).

Therefore, a discovery mechanism is implemented in the demo. We have
more work to do to better demonstrate that this can be used across
different devices.

> 
> And yes, FIDO should be among the technologies employed I'd say.
> 
> Cheers, Jörg
> 
> -----Original Message----- From: Dave Longley 
> [mailto:dlongley@digitalbazaar.com] Sent: Samstag, 21. November 2015 
> 16:31 To: Anders Rundgren; W3C Credentials Community Group; 
> public-webid@w3.org Subject: Re: Solutions to the NASCAR problem?
> 
> On 11/21/2015 02:11 AM, Anders Rundgren wrote:
>> I'm interested hearing what's available and what's cooking: 
>> http://indiewebcamp.com/NASCAR_problem
>> 
>> Just the core (and links), no TL;DR BS please.
> 
> There's a very simple demo here:
> 
> https://authorization.io
> 
> It involves technology intended to solve the NASCAR problem. In step 
> 2, the site you log into only needs to provide a login button; the 
> browser will take care of the rest (finding out your IdP, etc).
> 
> -- Dave Longley CTO Digital Bazaar, Inc.
> 


-- 
Dave Longley
CTO
Digital Bazaar, Inc.

Received on Saturday, 21 November 2015 18:18:16 UTC