# I am the Watcher. I am your guide through this vast new twtiverse.
# 
# Usage:
#     https://watcher.sour.is/api/plain/users              View list of users and latest twt date.
#     https://watcher.sour.is/api/plain/twt                View all twts.
#     https://watcher.sour.is/api/plain/mentions?uri=:uri  View all mentions for uri.
#     https://watcher.sour.is/api/plain/conv/:hash         View all twts for a conversation subject.
# 
# Options:
#     uri     Filter to show a specific users twts.
#     offset  Start index for quey.
#     limit   Count of items to return (going back in time).
# 
# twt range = 1 14
# self = https://watcher.sour.is/conv/wl6ohuq
eaplmx
twtxt.net
View Thread
#devChronicles
I was researching a few months ago on having Authentication for web based on Public/Private keys, like we do on SSH.
Sadly I haven't found some standard, only Webauth based on Hardware tokens (And some implementations for Mac and Win10) but more for 2FA.
eaplmx
twtxt.net
View Thread

I found some implementations on Blockchain addresses and browser wallets. Makes me wonder why we don't have something similar with current Key Pairs (RSA or EC)

https://www.toptal.com/ethereum/one-click-login-flows-a-metamask-tutorial
prologic
twtxt.net
View Thread
@eaplmx I _think_ the problem is "Key Management" is quite a hard problem. This is why efforts like keys.pub were spawned out of the graveyards of the 'ol KeyBase that got bought out by Zoom that literally no-one with any common sense trusts anymore!
prologic
twtxt.net
View Thread
@eaplmx I _think_ the problem is "Key Management" is quite a hard problem. This is why efforts like keys.pub were spawned out of the graveyards of the 'ol KeyBase that got bought out by Zoom that literally no-one with any common sense trusts anymore!
eaplmx
twtxt.net
View Thread
@prologic I completely agree, there's is a complicated problem which I'm surprised Google with Chrome, Mozilla with Firefox haven't solved, being the main players.

Microsoft has Hello, although I think 'only' Github used, and that's only a 2FA.

And it's not something new in the corporate and intranet world:
https://www.ssl.com/how-to/configuring-client-authentication-certificates-in-web-browsers/
eaplmx
twtxt.net
View Thread
@prologic hey! Keys.pub sounds good, I've found a few other plugins/entensions/proposals, and I think they are kind of complicated for the developer and for the final user, when you can add a quick Social login with a few clicks. Not saying they are better, only more convenient. ๐Ÿ‘€

BTW, Have you played with keys.pub? How is using it in some Web site or Desktop app?
prologic
twtxt.net
View Thread
@eaplmx I havenโ€™t played with it extensively from a dev perspective yet but it works quite well from a user point of view. ๐Ÿ‘Œ
prologic
twtxt.net
View Thread
@eaplmx I havenโ€™t played with it extensively from a dev perspective yet but it works quite well from a user point of view. ๐Ÿ‘Œ
eaplmx
twtxt.net
View Thread
@prologic Thanks! I'm playing with it, looks interesting!
prologic
twtxt.net
View Thread
@eaplmx We've (by we I mean @fastidious and I) toyed with the idea of "private and encrypted" feeds if you will, but it _may_ be a silly idea, we haven't taken it very far (_if at al... yet..._) ๐Ÿ˜…
prologic
twtxt.net
View Thread
@eaplmx We've (by we I mean @fastidious and I) toyed with the idea of "private and encrypted" feeds if you will, but it _may_ be a silly idea, we haven't taken it very far (_if at al... yet..._) ๐Ÿ˜…
eaplmx
twtxt.net
View Thread
@prologic I'm in!
prologic
twtxt.net
View Thread
@eaplmx Haha ๐Ÿคฃ
prologic
twtxt.net
View Thread
@eaplmx Haha ๐Ÿคฃ