Drawbacks of current identity-management/authentication systems:
– Providers can go out of business/identity bound to service provider
– Servers can fail by technical failures or Denial-of-Service attacks
– Different service providers mean different identities/no globally unique identities
– Service providers can (be forced to) forge identities
The Namecoin project has extended the Bitcoin blockchain concept to self-register globally unique human-readable names and publish a data set for each globally unique name (https://wiki.namecoin.info/index.php?title=Identity, https://en.wikipedia.org/wiki/Namecoin). As storage and signing of a blockchain are decentralized, the registrations and the content of the data set cannot be forged. So I suggest implementing an authentication blockchain in browsers to register globally unique usernames and authenticate with services.
The blockchain would just publish the tuple (<self-registered globally unique human-readable username>;<asymmetric public key>). When a user logs in at a service with his username, the service queries the blockchain for the corresponding asymmetric public key and does a challenge-response authentication.
– No providers -> no manipulation/discontinuation of service
– No servers -> no outages/DoS vulnerability
– Globally unique identity per user
– Unlimited number of pseudonyms per user by additional identities
– Secure login with asymmetric keys -> no password reuse/social engineering
– Any user/company/group/service/application can use ONE global authentication system with globally unique usernames
The NameID project (https://nameid.org/) uses the Namecoin blockchain as the database backend for the OpenID protocol. That way all Namecoin user IDs are available via OpenID. Instead, browsers should be able to access the blockchain directly.
If RTCweb is used as the blockchain transport protocol, browsers can participate as blockchain nodes without additional bridges/connectors/servers.
What do you think?
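
The login flow proposed above (look up the public key published for a username, then run a challenge-response against it), as an added example that is not part of the original post. A `Map` stands in for the blockchain query, and the origin `https://service.example`, the Ed25519 key type and all function names are assumptions.

```javascript
const crypto = require('crypto');

const SERVICE = 'https://service.example'; // constructed service origin (assumption)
const ledger = new Map();   // stand-in for the blockchain: username -> public key
const pending = new Map();  // challenge id -> { username, message, expires }

// Registration: the first claim on a name wins, so names stay globally unique.
function register(username, publicKey) {
  if (ledger.has(username)) return false;
  ledger.set(username, publicKey);
  return true;
}

// Service: issue a fresh, short-lived challenge for a registered name.
function issueChallenge(username, now = Date.now()) {
  if (!ledger.has(username)) return null;
  const id = crypto.randomBytes(16).toString('hex');
  const nonce = crypto.randomBytes(32).toString('hex');
  // Binding origin and username stops a signature from being accepted elsewhere.
  const message = Buffer.from(JSON.stringify({ service: SERVICE, username, nonce }));
  pending.set(id, { username, message, expires: now + 60_000 });
  return { id, message };
}

// Client: refuse to sign a challenge that names a different origin.
function respond(challenge, privateKey, origin) {
  const { service } = JSON.parse(challenge.message.toString());
  if (service !== origin) return null;
  return crypto.sign(null, challenge.message, privateKey); // Ed25519 signature
}

// Service: verify against the key published for the name; challenges are single use.
function verifyResponse(id, signature, now = Date.now()) {
  const entry = pending.get(id);
  pending.delete(id); // consumed even when verification fails
  if (!entry || !signature || now > entry.expires) return false;
  return crypto.verify(null, entry.message, ledger.get(entry.username), signature);
}

function demo() {
  const [alice, mallory] = [0, 1].map(() => crypto.generateKeyPairSync('ed25519'));
  const out = { registered: register('alice', alice.publicKey) };
  out.duplicate = register('alice', mallory.publicKey); // name already taken
  const c1 = issueChallenge('alice');
  const sig = respond(c1, alice.privateKey, SERVICE);
  out.login = verifyResponse(c1.id, sig);
  out.replay = verifyResponse(c1.id, sig); // same challenge a second time
  const c2 = issueChallenge('alice');
  out.wrongKey = verifyResponse(c2.id, respond(c2, mallory.privateKey, SERVICE));
  return out;
}
```

The service stores no password or other shared secret; what it must get right is the nonce handling (fresh, bound to its origin, expiring, single use) and the integrity of the key lookup.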