U-Prove seems to me to be pretty close to a perfect auth system. It is possible to disclose only specific attributes and every prove is unlinkable (given no unique attribute is disclosed). Also it supports generating an unique, identity-linked ID per domain.

So I wonder why this technology is not used anywhere I know of?

  • @solrize
    link
    14 months ago

    Never heard of U-prove but for what you are asking, is FIDO2 similar?

    • BlueKeyOP
      link
      fedilink
      24 months ago

      I didn’t read to much of the FIDO2 spec, so I can’t really compare.
      But U-Prove can be used for state-issued E-IDs. Is this also possible with FIDO (including dynamically issuing attributes)?