The problem today is that no agreed set of standards exists. We have widely disparate views of what these should be. Everybody has their own favourites. In one camp, we have people who believe the future is a completely new set of digital identity technologies: blockchains, DIDs, new cryptographic algorithms, and the DIDComm protocol stack (which is really little more than S/MIME with onion routing), and those like myself who believe we should build the verifiable credential digital identity eco-system on today’s existing ubiquitous standardised protocols and cryptography, such as X.509, OpenID Connect, W3C Web Authentication (FIDO2) and JWTs.
MORE FIDO in the News
Tagesspiegel Background: Man against machine against man
The goal of cybersecurity should not be to become better...December 8, 2023
IT Pro: Passkeys, a passwordless authentication solution supported by major tech companies, provide a secure alternative using public key cryptography
Built on the WebAuthentication standard, they eliminate traditional password challenges....
WSJ: 23andMe Hack Is a Wake-Up Call for Your Password Habits
The recent 23andMe breach, exposing personal information belonging to 6.9...