The problem today is that no agreed set of standards exists. We have widely disparate views of what these should be. Everybody has their own favourites. In one camp, we have people who believe the future is a completely new set of digital identity technologies: blockchains, DIDs, new cryptographic algorithms, and the DIDComm protocol stack (which is really little more than S/MIME with onion routing), and those like myself who believe we should build the verifiable credential digital identity eco-system on today’s existing ubiquitous standardised protocols and cryptography, such as X.509, OpenID Connect, W3C Web Authentication (FIDO2) and JWTs.
More FIDO in the News
ZDNet: Two years in, Google says passkeys now protect more than 400 million accounts
Google Account users have authenticated themselves using passkeys more than 1 billion times, but passwords…
Google Blog: Passkeys, cross-account protection and new ways we’re protecting your accounts
For World Password Day, we’re sharing updates to passkeys across our products and sharing more…
CNET: World Password Day: We’re closer to ditching this crackable tech
Passkeys promise to be a big help, but until they take hold, we all need…
