Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

General Improvements #2

Closed
jaxoncreed opened this issue Aug 12, 2019 · 3 comments
Closed

General Improvements #2

jaxoncreed opened this issue Aug 12, 2019 · 3 comments

Comments

@jaxoncreed
Copy link
Contributor

jaxoncreed commented Aug 12, 2019
edited by dmitrizagidulin
Loading

General ideas for improvement

  • Formalize the PoP token standard
  • Find the correct approach to do multi-RS authentication (try to make it as close to what currently exists)
  • Use of self signed authentication (without an identity provider)
  • Document differences between in-browser apps and services
  • Interop with other decentralized auth
    • DID Auth
  • Multi User Device auth (with alternative sensors ie no keyboard or mouse)
  • Biometrics authentication
  • Opaque authentication (accept claims without telling a resource server who you are)
  • Verifiable claims (property based authentication)
  • WebAuthn
  • WebID-TLS
  • HTTP2 enabled?
  • WebSocket authentication
  • Interop with SAML and ActiveDirectory (Other IDPs)
  • Keeping Storage system implementations simple (Don't have a ton of different ways for storage servers to confirm identity)
@elf-pavlik
Copy link
Member

Keeping Storage system implementations simple (Don't have a ton of different ways for storage servers to confirm identity)

IDPs can have great variety of authentication, this way person can choose their IDP that supports what they need and participate in any group WAC controlled storage which only needs to support common standard (if possible one).

@zenomt
Copy link
Contributor

zenomt commented Aug 13, 2019

Use of self signed authentication (without an identity provider)

as we discussed on the call, supporting the magic issuer https://self-issued.me and a public key in the profile isn't that much work, but it does require a little bit of special-case code. the benefits are:

  • marginally easier to set up on an ordinary static web server
  • enables on-device authentication (for example, a native app on a mobile device) using the self-issuer workflow envisioned by OIDC

@zenomt zenomt mentioned this issue Mar 8, 2022
Open
@elf-pavlik elf-pavlik mentioned this issue Oct 15, 2019
Closed
@elf-pavlik
Copy link
Member

I think we should copy original comment to https://github.com/solid/authentication-panel/tree/master/meetings and close this issue

We already have other issues capturing most of the points

If someone see need to create specific issue, which we can close by following up on it with PR, one can do it before or after closing this issue.

@elf-pavlik elf-pavlik mentioned this issue Oct 15, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@elf-pavlik @jaxoncreed @zenomt