This does not sound secure

From Dr Tackmann’s article 2 days ago:

“…in web authentication flow, the secure device provides a digital signature on the [random] challenge sent by the server…we use the request itself [ from the client ! ] as the challenge”

Does not sound secure.

I think he is referring that the request (eg. public shared(msg) func get_my_profile() is signed by the client. The server will recover the public key pk from the signature of this request.
The actor code will be able to retrieve this public key (or canisterId if called via a wallet canister) as a typed Principal. (via msg.caller )

cf. Add access control with identities :: Internet Computer

It’s not a standard because they indicate they rolled their own crypto due to cannisters not being servers (“we had to overcome a few hurdles”) and my quote describes how they changed it so that your computer is verifying your 2FA device, so it appears to be just 1-factor authorization.

Ok my bad, I drew some hasty conclusions there.

You might have a read of internet-identity/internet-identity-spec.adoc at main · dfinity/internet-identity · GitHub

Thanks for the link.

My complaint is that his overview did not indicate a random challenge or even a challenge. It appears the identity service challenges the user’s device on behalf of the cannisters to get them a session key. The challenge is the user_id which is random but always the same for a given identity and frontend. If I’ve got that much right, my wild guess is that the identity service is randomly choosing from a set of generated delegation keys so that the session key isn’t always the same.