- February 15, 2016 Making the Internet Better
- January 12, 2016 Hardware Model bassed Collections in SCCM 2012 R2
- July 19, 2015 Holiday 2015
- February 27, 2015 Write your own Easter Egg
- February 23, 2015 #TooStubbornToReadTheManual
- February 23, 2015 Python and Regex
- February 22, 2015 Somethang knew!
Making the Internet Better
I was recently just laying around, and started thinking about a couple of issues with how the Internet operates today, and thought of a couple of things, that if changed, could really increase usability and general ability to communicate on web, and have that communication actually mean something.
Now Before I go further, I feel like I need to talk about what I believe Authentication and Authorization is.
- Authentication is the act of identifying yourself.
- Authorization is determining what you have access to.
1. Actual Federated Authentication.
Imagine a single, universal, Government endorsed Authentication protocol. Every Human gets one set of credentials. Security via Username, Password, OTA Code, Certificate, And Biometric Security combinations.
That Account Is You.
If we had this, and it was universally trusted. We could Vote using it.
- Vote for Presidents
- Vote on Laws
- Vote on Prosecution
- Sign petitions
With this system, all those Change.org campaigns gain weight overnight, as suddenly the signatures aren't just dupicate accounts, but actual, one time only votes.
With this, we could even change how we vote on these things. Imagine changing a Law via a Pull Request on Github!
You could also link these credentials to all your online apps
- Slack
- Battle.net
- 4Chan
Well...maybe not that last one... because when using these credentials, you would not be able to hide on the Internet. Everyone would know its you. However, Nothing would stop the creation of local credentials per application, like we have today. (Don't worry, you will still be able to create throwaway's on Reddit.) But when you are signed in, suddenly, Everything online would have more merit, because everyone becomes accountable for what they say.
This Authentication could also be used for local accounts. Your computer logon at home and at work, your Phone account. Your home Automation.
It would truly be a Unique Identifier.
2. Truly separate Authentication from Authorization
I am so tired of having to log into different GMail accounts, Different Twitter Accounts, Different Reddit Accounts.
Authenticate Once; Authorize Many...
Lets look at an example.
Barbara Dunkelman is the Social Media and Community Manager at Rooster Teeth. Understandably, Barbara would have to access multiple Twitter accounts. Rooster Teeth, Funhaus, Achievement Hunter, and her own personal one, Just to name a few. Every Twitter account has its own email address, Username, and Password.
Now, I can't comment on how Barbara might handle this, but I know Twitter doesn't natively support multiple accounts. So you would have to log into each account separately.
But imagine if this followed the Authenticate Once; Authorize Many approach...
This means Barbara could Log in once, then get a nice drop-down allowing her to select which account she wishes to impersonate.
Now a couple of large applications are starting to use this model (Facebook, for one, does this very well with Pages) but it's no-where near wide spread as it should be. And if we couple this with the Federated Authentication we spoke about earlier, you would only have to Authenticate Once.
Imagine that. One Username. One Password. One Person.