Thinking about two-factor auth at a nano level, requiring human ... • Aaron Parecki

44°F

Thinking about two-factor auth at a nano level, requiring human confirmation before any client can actually post to your site via your micropub endpoint.

For example, I sign in to barnaby's experimental Taproot interface but don't trust it entirely yet. Instead of giving him blanket access to post to my site, every time his app makes a request to my micropub endpoint, it goes and asks me for confiramtion before publishing.

Either OOB confirmation (2-factor auth via SMS or something) or an OAuth-like confirmation dialog from the same browser window.

#indieauth #micropub #2fa

Portland, Oregon, USA

Wed, May 21, 2014 11:10pm -07:00 #indieauth #micropub #2fa

2 likes 1 reply
Have you written a response to this? Let me know the URL:
- http://acegiak.net acegiak.net/author/acegiak
  http://aaronparecki.com/: Thinking about two-factor auth at a nano level, requiring human confirmation before any client can actually post to your site via your micropub endpoint. For example, I sign in to barnaby’s experimental Taproot interface but don’t trust it entirely yet. Instead of giving him blanket access to post to my site, every time his app makes a request to my micropub endpoint, it goes and asks me for confiramtion before publishing. Either OOB confirmation (2-factor auth via SMS or something) or an OAuth-like confirmation dialog from the same browser window. #indieauth #micropub #2fa
  Thu, May 22, 2014 5:58pm +09:30

Posted in /notes