
We need domain ownership proof based authentication - brisky
https://tautvilas.dpage.io/we-need-domain-ownership-proof-based-authentication
======
rasengan
DNS.live does this for its free web and DNS hosting [1]. All you need to do is
sign any post/api call with the private key associated with the address in
control of your handshake tld.

An example is on github [2][3].

[1] [https://dns.live/hosting.html](https://dns.live/hosting.html)

[2] Server: [https://github.com/dnslive/dnslive-
webserv](https://github.com/dnslive/dnslive-webserv)

[3] Client: [https://github.com/dnslive/dnslive-
webhost](https://github.com/dnslive/dnslive-webhost)

~~~
brisky
That is a cool concept. I wish more web platforms would offer similar options.

------
detaro
There is IndieAuth, which adapts OAuth 2 to work with URLs as identities (and
being OAuth, can even do authorization):
[https://aaronparecki.com/2018/07/07/7/oauth-for-the-open-
web](https://aaronparecki.com/2018/07/07/7/oauth-for-the-open-web)

[https://indieauth.net/](https://indieauth.net/)

~~~
brisky
The problem with OAuth - it is too complicated. Both for developers and for
users.

~~~
detaro
OAuth 1 I'd agree with that statement (it's use of crypto gave it more
pitfalls), but basic OAuth 2 is really not that bad. It's a few fairly
straight-forward HTTP requests.

