20C/ Browsers, Privacy and Federation (Cookies, WebID, CHAPI, etc)

From IIW

Browsers, Privacy & Federation (Cookies, WebID, CHAPI, etc)


Thursday 20C

Convener: Sam Goto

Notes-taker(s)


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps


CHAPI (Dimitri Z):

  • Worked on solid

  • Ran into the the nascar flag problem

  • We ran into many cases where we could use the help from the browser

  • Introduction to CHAPI

  • CHAPI standards for Credential Handler API

  • (shows polyfill demo)

  • https://chapi-demo-wallet.digitalbazaar.com/

  • The cost of mediation is ossification that you pay for increased privacy/security

  • https://github.com/digitalbazaar/credential-handler-polyfill

  • https://w3c-ccg.github.io/credential-handler-api/

  • game theory analysis?

  • Judith: does this work in EDU/Enterprise use cases?

  • Charles: mobile wallets?

  • QUESTION(goto): What problem is CHAPI solving? The nascar flag? Evidence of demand?

    • David Waite: NASCAR FLAG is more prominent on EDU where you can sign-in with multiple universities (say, thousands) on a specific relying party.

    • David: currently, there are some third parties (seamingless?) that try to help with that will manage your relationship. identity verification, etc.

    • David: even infrastructure as wifi is something that you can use your university credentials to get access to wifi (eduROAM).

    • Currently works as "pick your universities out of these many logos"

  • QUESTION(goto): Can it be polyfilled? If so, why? openconnect.org? Payments Handler API?

  • ZCAP-LD or GNAP?

  • George: this solves the IDP tracking problem in a very interesting way.

  • https://w3c-ccg.github.io/ldp-bbs2020/

Retrieved from "https://iiw.idcommons.net/index.php?title=20C/_Browsers,_Privacy_and_Federation_(Cookies,_WebID,_CHAPI,_etc)&oldid=23450"