- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Thu, 03 Jul 2014 17:01:31 -0400
- To: public-webpayments@w3.org, "public-rww@w3.org" <public-rww@w3.org>, "public-webid@w3.org" <public-webid@w3.org>, Peter Williams <home_pw@msn.com>
- Message-ID: <53B5C4AB.80103@openlinksw.com>
On 7/3/14 2:07 PM, Reutzel, Bailey wrote: > > BitPay's proposal for passwordless > authentication:http://blog.bitpay.com/2014/07/01/bitauth-for-decentralized-authentication.html > > Thought you all would be interested. J > > -B > > > "This communication is intended solely for the addressee and is > confidential and not for third party unauthorized distribution" It claims the following advantages over alternatives: 1. Only a compromise of the client machine can endanger the system's security. 2. Because the private key is never revealed to the server, it does not need to be exchanged between the server and client over a side channel like in HMAC. 3. Easy to implement wherever the Bitcoin protocol is implemented. 4. Decoupled from Bitcoin addresses, allowing for a more explicit separation from financial transactions and allowing for greater privacy. 5. Identity becomes portable --- the same identity can be used on multiple services, letting you take your identity with you. 1-5 also apply to WebID-TLS, basic TLS etc.. What am I missing here, beyond Elliptic-Curve Cryptography (ECC) over RSA (where perceived NSA collusion assumptions are the biggest issue) ? [1] http://linkeddata.uriburner.com/about/id/entity/http/crypto.stackexchange.com/questions/1190/why-is-elliptic-curve-cryptography-not-widely-used-compared-to-rsa -- Linked Data URI for an interesting random doc about ECC vs RSA from StackOverFlow -- Regards, Kingsley Idehen Founder & CEO OpenLink Software Company Web: http://www.openlinksw.com Personal Weblog 1: http://kidehen.blogspot.com Personal Weblog 2: http://www.openlinksw.com/blog/~kidehen Twitter Profile: https://twitter.com/kidehen Google+ Profile: https://plus.google.com/+KingsleyIdehen/about LinkedIn Profile: http://www.linkedin.com/in/kidehen Personal WebID: http://kingsley.idehen.net/dataspace/person/kidehen#this
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Thursday, 3 July 2014 21:01:58 UTC