General Improvements - Githubissues

solid / authentication-panel

GitHub repository for the Solid Authentication Panel

MIT License

11 stars 15 forks source link

General Improvements #2

Closed jaxoncreed closed 4 years ago

jaxoncreed commented 5 years ago

General ideas for improvement

Formalize the PoP token standard
Find the correct approach to do multi-RS authentication (try to make it as close to what currently exists)
Use of self signed authentication (without an identity provider)
Document differences between in-browser apps and services
Interop with other decentralized auth
- DID Auth
Multi User Device auth (with alternative sensors ie no keyboard or mouse)
Biometrics authentication
Opaque authentication (accept claims without telling a resource server who you are)
Verifiable claims (property based authentication)
WebAuthn
WebID-TLS
HTTP2 enabled?
WebSocket authentication
Interop with SAML and ActiveDirectory (Other IDPs)
Keeping Storage system implementations simple (Don't have a ton of different ways for storage servers to confirm identity)

elf-pavlik commented 5 years ago

Keeping Storage system implementations simple (Don't have a ton of different ways for storage servers to confirm identity)

IDPs can have great variety of authentication, this way person can choose their IDP that supports what they need and participate in any group WAC controlled storage which only needs to support common standard (if possible one).

zenomt commented 5 years ago

Use of self signed authentication (without an identity provider)

as we discussed on the call, supporting the magic issuer https://self-issued.me and a public key in the profile isn't that much work, but it does require a little bit of special-case code. the benefits are:

marginally easier to set up on an ordinary static web server
enables on-device authentication (for example, a native app on a mobile device) using the self-issuer workflow envisioned by OIDC

elf-pavlik commented 4 years ago

I think we should copy original comment to https://github.com/solid/authentication-panel/tree/master/meetings and close this issue

We already have other issues capturing most of the points

Identity Broker Pattern solid/authentication-panel#5
consider support for OIDC self-issuer solid/solid-oidc#91
Alternative protocols for resolving WebIDs solid/authentication-panel#16
Authenticating Users solid/authentication-panel#27

If someone see need to create specific issue, which we can close by following up on it with PR, one can do it before or after closing this issue.