[Openid-specs-ab] FED CM @ BlinkOn
Tom Jones
thomasclinganjones at gmail.com
Thu Nov 18 02:29:13 UTC 2021
Presentation by dsinclair at chromium.og
https://www.youtube.com/watch?v=9la0cBhVXac
Dan Sinclair & Yi Gu with Sam Goto answering questions.
points from me
1 Google wants to get rid of user name password for a more secure web.
2 Google cannot distinguish between a tracking cookie and a 3rd party logon
3 Google wants to preserve and elevate for a more private web
4 Not clear if that means a different web or to improve the one we got
5 3rd party cookies will be turned off in 2023
6 Origin trials early 2022 - no hard date for general availability.
7 spec completed sooner rather than later??
8 the browser will supply apis, the RPs will need to adapt.
9 his 1st diagram shows a back channel from IdP to RP
10 his network diagram claims there is not a direct connection
10 network does show a promise which flows from the UA to RP - typo?
11 the IdP publishes yet another endpoint for fed cm to browser
12 unclear if IdP data is available via api - that could be bad?
13 api built on top of cred man api
14 a scary ui is proposed - will users accept?
15 unclear how much RP needs to change - more if logout needed
16 only mobile at the current time
17 not a good solution, just trying to prevent the web from breaking.
[image: Fed CM BlinkOn 15.png]
..tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20211117/04f6d484/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Fed CM BlinkOn 15.png
Type: image/png
Size: 122040 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20211117/04f6d484/attachment.png>
More information about the Openid-specs-ab
mailing list