Blockchain-based global authentication system

RESOLVED INVALID

Status

()

Core
Identity
RESOLVED INVALID
4 years ago
4 years ago

People

(Reporter: Rene "Renne" Bartsch, Unassigned)

Tracking

({sec-want})

Trunk
sec-want
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: authentication, Persona, URL)

(Reporter)

Description

4 years ago
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0
Build ID: 20140924083558

Steps to reproduce:

I tried to find a usable system for global identity management.


Actual results:

All systems are based on service providers.

Drawbacks:
- Providers can go out of business
- Servers can fail by technical failures or Denial-of-Service attacks
- Different service providers mean different identities
- Service providers can (be forced to) forge identities



Expected results:

The Namecoin project has extended the Bitcoin blockchain-concept to self-register globally unique human-readable names and publish a data set for each globaly unique name (https://wiki.namecoin.info/index.php?title=Identity, https://en.wikipedia.org/wiki/Namecoin). As storage and signing of a blockchain are done decentralized the registrations and the content of the data set cannot be forged. So I suggest to implement a blockchain into mozilla products to register globally unique names and authenticate with services (asymmetric key pair of blockchain account).

Benefits:
- No providers -> no manipulation/discontinue of service
- No servers -> no outtages/DoS-vulnerability
- One globally unique identity per user
- Unlimited number of pseudonyms per user by additonal identities
- Secure login with asymmetric keys -> no password reuse/social engineering

As transport protocol I suggest RTCweb to allow browsers to participate without additional bridges/connectors.
(Reporter)

Updated

4 years ago
Keywords: sec-want
OS: Linux → All
Hardware: x86_64 → All
Whiteboard: authentication, Persona
If you want to start a discussion about adding a feature to a mozilla product, please use a mailing list.

If you want to discuss identity, dev-identity might be a good start. Otherwise, maybe dev-platform?

Closing. Best of luck :-)
Status: UNCONFIRMED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.