Expanded Internet Identity Support

Summary

Continued expansion of supported devices for Internet Identity to include more browsers and devices that support WebAuthn, in particular Windows Hello.

Status
Deployed

What you can do

  • Ask questions
  • Propose ideas
  • Etc…

Documentation

Key people involved
Maria Dubovitskaya, @kritzcreek , @bjoern

Relevant Background

  • Upwards of a billion Windows users can now easily access dapps through Internet Identity, opening up a huge new user base for Internet Computer-based dapps.
3 Likes

It would be great if Internet Identity is opened up for use by any web application outside of IC, which can be great marketing for IC. Plugins, documentation, etc can be developed to make integration easy for web devopers. I asked a question on r/dfinity about this and I got a promising response, only that this needs to be added in the roadmap somewhere:
u/bjoern_DFN :
" There is no inherent technical reason why Internet Identity could not be used by existing web applications – Internet Identity does not block that in any way. That said, the formats we use are pretty specific to the Internet Computer, so this certainly needs a bit of custom work on the side of the relying party/consuming service:

  • The assertion issued by Internet Identity is a canister signature (as defined in this section of the IC interface specification). Validating that assertion requires verifying a BLS signature and checking some paths in a Merkle tree, as described in the interface specification section on canister signatures. That’s all not rocket science, but it’s also not standard functionality available in everyday crypto libraries.
  • The assertion binds to a public key – in first approximation you may think about it as the Internet Identity canister issuing a certificate on a public key provided by the front-end application. This public key is then used for the actual authentication toward the IC – or potentially some server. In the case of the IC, that means signing ingress messages. For other web applications, this may mean signing a challenge provided by the server with that public key.

If there is a community effort to support Internet Identity as an authentication method in traditional web applications, we will happily provide more detailed descriptions, pointers to code in our implementation, etc."

1 Like

Not sure if this is the right place to ask, but I was wondering (from a user’s perspective) if:

  1. there are plans to build an Internet Identity (“II”) management dApp as there would be some people having multiple IIs for specifics scenarios (example, when interacting with social media, family, business, government) and in particular, showing which IIs are linked to which IC dApps or services; this could be achieved by having a Master II to login to this dApp which then controls all the other IIs. Imagine having a dashboard of all our IIs, wallet balances, staked amounts, dApps linked to each II (including signup history) etc.

  2. these IIs can be assigned to control both the NNS and proposed SNS (and its governance tokens) and managed from this Master II dApp.

4 Likes

It would be great, if we can login through yubi keys

That’s entirely possible and has been available since the launch of II. Check this

1 Like