How to fix authentication (was LinkedIn)
Alexander Harrowell
a.harrowell at gmail.com
Thu Jun 21 12:23:50 UTC 2012
On Thursday 21 Jun 2012 04:16:22 Aaron C. de Bruyn wrote:
> On Wed, Jun 20, 2012 at 4:26 PM, Jay Ashworth <jra at baylink.com> wrote:
> > ----- Original Message -----
> >> From: "Leo Bicknell" <bicknell at ufp.org>
> > Yes, but you're securing the account to the *client PC* there, not
to
> > the human being; making that Portable Enough for people who use and
> > borrow multiple machines is nontrivial.
>
> Or a wizard in your browser/OS/whatever could prompt you to put in a
> 'special' USB key and write the identity data there, making it
> portable. Or like my ssh keys, I have one on my home computer, one on
> my work computer, one on my USB drive, etc... If I lose my USB key, I
> can revoke the SSH key and still have access from my home computer.
>
> And I'm sure someone would come up with the 'solution' where they
> store the keys for you, but only you have the passphrase...ala
> lastpass.
>
> -A
As far as apps go, loads of them use OAuth and have a browser step in
their setup.
So this adds precisely one step to the smartphone sync/activation
process - downloading the key pair from your PC (or if you don't have a
PC, generating one).
that covers vendor A and most vendor G devices. "what about the feature
phones?" - not an issue, no apps to speak of, noOp(). "what about
[person we want to be superior to who is always female for some
reason]?" - well, they all seem to have iPhones now, so *somebody's*
obviously handholding them through the activation procedure.
obviously vendor A would be tempted to "sync this to iCloud"...but
anyway, I repeat the call for a W3C password manager API. SSH would be
better, but a lot of the intents, actions etc are the same.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20120621/9053f12b/attachment.sig>
More information about the NANOG
mailing list