Unit 1. Server Keys.
We introduce Server Keys and a new Contact Blob. This new Contact Blob can be a capability or a new Blob kind called attestation.
Server Key
Server Account. (Are we sure it is not a Peer Key?)
Contact Blob
Contact Blob is distributed to the network. Every node will now know about the UserID and Session Key.
SIGNED BY SERVER
<server key> attests that UserID owns <session Key> Session Key
The Session Key is a public/private key pair stored in the browser.
Q: Is this an Edge Name?
Q: Is data signed on a Site linked to your Web Identity?
Multiple attestations for one key are OK.
Unit 2 Account creation and Sign in.
Account creation:
Email + Magiclink
Email + Password
Social (Google, X, Bsky, etc.)
Appkey
Sign in Flow:
Generate Web Crypto in browser.
Sign Proof with Key
Server attests key + User ID
Q: Who is controlling the software at the time of signing?
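The sign-in flow above and the "SIGNED BY SERVER" attestation from Unit 1, as an added example that is not part of the original notes or the project's code. The challenge string, the JSON claim layout, ECDSA P-256 and all function names are assumptions.

```javascript
// Added example. Message formats, the challenge and all names are assumptions.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;
const ALG = { name: "ECDSA", namedCurve: "P-256" };
const SIG = { name: "ECDSA", hash: "SHA-256" };
const enc = (s) => new TextEncoder().encode(s);

// Browser: generate a session key pair (private key non-extractable) and
// sign the server's challenge as proof of possession.
async function browserSignIn(challenge) {
  const keys = await subtle.generateKey(ALG, false, ["sign", "verify"]);
  const publicJwk = await subtle.exportKey("jwk", keys.publicKey);
  const proof = await subtle.sign(SIG, keys.privateKey, enc(challenge));
  return { publicJwk, proof };
}

// Server: verify the proof, then sign the claim "userId owns sessionKey".
async function serverAttest(serverKeys, userId, challenge, publicJwk, proof) {
  const pub = await subtle.importKey("jwk", publicJwk, ALG, true, ["verify"]);
  if (!(await subtle.verify(SIG, pub, proof, enc(challenge)))) {
    throw new Error("proof of possession failed");
  }
  const claim = JSON.stringify({ userId, sessionKey: { x: publicJwk.x, y: publicJwk.y } });
  const signature = await subtle.sign(SIG, serverKeys.privateKey, enc(claim));
  return { claim, signature };
}

// Any node: check the attestation against the server's public key.
function verifyAttestation(serverPublicKey, att) {
  return subtle.verify(SIG, serverPublicKey, att.signature, enc(att.claim));
}

async function demo() {
  const serverKeys = await subtle.generateKey(ALG, false, ["sign", "verify"]);
  const challenge = "constructed-challenge-0001"; // use a fresh random value in practice
  const userId = "userid@example.test"; // constructed sample value
  const { publicJwk, proof } = await browserSignIn(challenge);
  const att = await serverAttest(serverKeys, userId, challenge, publicJwk, proof);
  const valid = await verifyAttestation(serverKeys.publicKey, att);
  // A claim edited after signing must not verify.
  const forged = { ...att, claim: att.claim.replace("userid@", "other@") };
  const forgedValid = await verifyAttestation(serverKeys.publicKey, forged);
  // A proof signed over one challenge must not be accepted for another.
  const replayRejected = await serverAttest(serverKeys, userId, "different", publicJwk, proof)
    .then(() => false, () => true);
  return { valid, forgedValid, replayRejected };
}
```

Calling `demo()` resolves to the three checks: the genuine attestation verifies, an edited claim does not, and a proof replayed against a different challenge is refused.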
Session 3. Merging Accounts.
Merge to hyper.media
Merge into Seed ID wallet, i.e. Desktop or Mobile App.
Session 4. Upgrade Web Identity to App Identity
Desktop or Mobile is just another server, but without a domain.
Q. How to upgrade web identity to App Id.
Desired Outcome:
content
App Key ID = userid@gabo.es
Signed by: key of gabo.es
Key of the <APP>
Q. How to distinguish sign in as X versus x+y?
Q. Revocations.
Q. Eject from Web ID.
Session 5. Revocations