Merge rationale and motivation - the answer the same question: "why"

2018-09-24 05:25:43 +00:00
parent 465cc9cd24
commit 8f5b29881b
1 changed files with 3 additions and 9 deletions
@@ -10,7 +10,9 @@ CashID is an open protocol that allows secure authentication based on the public

 # Motivation

-Secure authentication and safe storage of credentials is useful for many things, and with added metadata we enable the following usecases:
+Passwords is an inherently flawed concept based on sharing secrets that is increasingly getting hidden away from the users by means of password managers, permanent sessions and single-signon features. Public key cryptography provides a more secure method for authentication where the users secret is never shared.
+
+Secure authentication with optional metadata is useful, for example to...

 * Register to a service as a 1-step process.
 * Register to a service automatically as part of a payment.
@@ -20,14 +22,6 @@ Secure authentication and safe storage of credentials is useful for many things,



-# Rationale
-
-Passwords is an inherently flawed concept (based on sharing secrets) that is increasingly getting hidden away from the users by means of password managers, 'remember me' and single-signon features. Public key cryptography provides a more secure method for authentication where the users secret is never shared.
-
-The problem with public key infrastructure is that managing private keys securely is complex, but this complexity is now being addressed in the cryptocurrency ecosystem which makes it possible to safely implement a better authentication system.
-
-
-
 # Specification

 When a user needs to access a restricted area (physically or digitally), they are given a **Challenge request** by the service provider. This request can be transmitted as QR code, by NFC touch or by any other implementation specific transmission method. The identity manager presents the request information to the end-user and allows the them to choose a suitable keypair to represent their identity.