- From: Herbert Snorrason <odin@anarchism.is>
- Date: Thu, 29 May 2014 19:38:27 +0000
- To: public-webpayments@w3.org
- Message-ID: <53878CB3.7020304@anarchism.is>
On mið 28.maí 2014 17:12, Anders Rundgren wrote: > A "funny" thing is that the current U2F specification squarely > matches the needs of WebPayments and WebID due to U2F's SOP-based > trust model. What's the first factor? If U2F is "ubiquitous second factor", you still need the first factor to log in. Not to mention the identity itself. So the best-case scenario here is that U2F helps fill into the immediate "how do I log in" question - but the question we've been talking the most about is "how do we make identity information shareable in a standard way". Flatly, I don't see how anything in either WebID or Identity Credentials clashes with the use of U2F. Sure, both specify their own, distinct, authentication mechanisms - but the identity management aspects are pretty clearly distinct, focus on issues that it appears to me U2F does not, and _do not mandate the use of the authentication mechanism_. So what's the issue, exactly? Apart from the fact that differences between WebID and Identity Credentials are non-existent aside from the fact that one is specified in terms of RDF and the other is specified in terms of JSON and uses JSON-LD to map that to RDF? With greetings, Herbert Snorrason
Received on Thursday, 29 May 2014 19:39:08 UTC