...
- creating new authentication requirements with US Gov
- specifically around anti-phishing
- lots of case-studies of people implementing FIDO/"passwordless"
- Verizon, DNC, eBay, Capital One, Microsoft, Visa, Facebook
- deltect ERP software, integrated to product
- blocker to adoption: user friendly recovery of lost credentials
- cross device key sharing, backup/recovery
- Apple/Google have proprietary ways to share keys between devices.
- contentious as one FIDO premise is the key won't leave the device
- starting to look at mDL ISO 18013-5(?), combination session with OIDF
- there is also an AAMVA (American Association of Motor Vehicle Administrators) RFP out, which includes the public key directory
Alex Weinert at Microsoft enumerated attributes of a secure authentication credential:
- Unguessable
- Undisclosable
- Multi-factor
- Single-user
- Local
- Uninterceptable
- Unphishable
Interesting that "strength" isn't in the list of attributes, i.e. what is being discussed vs. what is being taken for granted as table stakes.
...
- Joe - w/ FR IAM background
- Scott
- Nancy
Regrets:
- George