I've been brainstorming a lot honestly about the implications that simple proof of identity and proof of ownership can really imply. I honestly might try my hand at creating a full out replacement for existing authorization techniques sometime next year, I've got some ideas and frankly if it works it's so simple it's stupid lol.
It's so fascinating to me to realize that users being owners of their own private keys allows for us to create websites that don't rely on traditional registration flows, SSO, email addresses, password handling, or anything. It almost feels like cheating compared to the pain I've had to deal with in the corporate world implementing services like IdentityServer4 or Keycloak.
It's so fascinating to me to realize that users being owners of their own private keys allows for us to create websites that don't rely on traditional registration flows, SSO, email addresses, password handling, or anything. It almost feels like cheating compared to the pain I've had to deal with in the corporate world implementing services like IdentityServer4 or Keycloak.