Search results

THIS IS A READ-ONLY ARCHIVE OF THE SQRL PROJECT FORUM
  1. shanedk

    SQRL OAuth 2.0 Provider

    Yeah, that was headed up by Adam Conley. I was relying on him for things like the major formatting and how the whole thing works. I was just contributing copy. When he disappeared, I didn't know how to continue working with it. I still have it if someone else wants to join in. I think though...
  2. shanedk

    SQRL OAuth 2.0 Provider

    If I had the knowledge and ability, I'd spearhead this myself. But I'd gladly assist anyone who could.
  3. shanedk

    SQRL OAuth 2.0 Provider

    Take a tip from the cryptocurrency community. The tactic wasn't to get firms to take crypto exclusively, just to have it as an option alongside regular payment methods. Adoption is slow, but progressing. SQRL could be the same way. Also, crypto wallets have shown better ways of doing things...
  4. shanedk

    SQRL OAuth 2.0 Provider

    As much as I appreciate what Jose is doing, I would say that this emphasizes the need for native modules that can be plugged into any website directly, without relying on any third party.
  5. shanedk

    Android v1.7.0 (Alpha)

    IIRC, in the Android app it lasts 24 hours (or maybe I changed that in mine). In either event, if you have some other security feature such as biometrics activated, the app will use that instead of the QuickPass.
  6. shanedk

    SQRL OAuth 2.0 Provider

    The ability of someone to manage their linked accounts on your site is an interesting wrinkle. But if the login to sqrloauth.com (I'll call that the "master account") is separate to the actual site logins, then now all you're worried about is a site compromise. Is there a reason for the site...
  7. shanedk

    SQRL OAuth 2.0 Provider

    It looks like they all log in as sqrloauth.com. This could be a potential privacy issue as every website would end up with the same public key, leading to the ability to associate the user across websites. Suggestion, if this is feasible: give each site its own special SQRL URL, such as...
  8. shanedk

    Slack Channel for SQRL Developers

    No, it says it's no longer active.
  9. shanedk

    Slack Channel for SQRL Developers

    That's a SQRLforNET invite, not https://sqrl-devs.slack.com/.
  10. shanedk

    Slack Channel for SQRL Developers

    Did this ever get off the ground? If so, how can we get an invite?
  11. shanedk

    Videos demonstrating SQRL

    A few weeks ago, I demonstrated SQRL for my largely non-techie audience, and I'll repost that here for the convenience of those who don't want to scroll up: So earlier today I did a follow-up on actually going through the process of creating an identity: (The part that's probably the most...
  12. shanedk

    SQRL client feature comparison

    Steve's client works under Linux with WINE.
  13. shanedk

    UX Help welcome

    To be clear, it was never the notification I was complaining about. It's the fact that tapping it clears the QuickPass. In every other case, tapping the notification launches the app.
  14. shanedk

    UX Help welcome

    I posted this on another thread, but it's a UX issue so I'll mention it here, too. I see absolutely no reason to have the notification clear the QuickPass. Tapping the notification should launch the app; as it is the user (uselessly, so it seems) has to go searching for the app to pull it up...
  15. shanedk

    UX Help welcome

    I find it very easy to explain SQRL to cryptocurrency fans since a lot of the same concepts apply.
  16. shanedk

    SQRL client feature comparison

    CPS should be active wherever you have same-device login. So if you're visiting a SQRL-enabled site on your mobile phone, and you tap the link, the mobile SQRL app on that phone will be able to authenticate with CPS. By the way, it stands for Client Provided Session, because the SQRL app gets a...
  17. shanedk

    UX Help welcome

    I know it'll have to adapt, but as it is it's completely non-obvious. I understand very well the importance of checking the domain name and even I find myself overlooking it. @Steve has a solution in the client where once it gets so long you show it like llanfairpwll[...]gogogoch.co.uk or...
  18. shanedk

    UX Help welcome

    This is more of a security thing than a user-friendly thing, but the domain name needs to be MUCH more in-your-face, especially when using the fingerprint login. I'm attaching how it looks now, along with a mockup of something more along the lines of how it should look. I know a lot of domain...
  19. shanedk

    SQRL client feature comparison

    That might have been it: trying to get it to work unspoofably might be more trouble than it's worth.
  20. shanedk

    SQRL client feature comparison

    I mentioned one time putting the certificate fingerprint into the QR code so the external device, if it receives a cert from the website with a different fingerprint, will know something's wrong. I can't remember the reason for not doing that now.