But I am very dumb and need to walk through things in lots of different directions to understand them.
Anyway, the benefits of having an HSM in a user's hand: that should be huge - and it looks to me that it should end the need for SAML and OpenID auth etc.
But I am not 100% sure - and I don't know what to read or who to ask. Google is not helping :-(
I think a big win lies in the ability to avoid the (hacky) redirect at the heart of Federated protocols.
With the FIDO approach we get a simple challenge response - here is a nonce, I know your public key, hash it in some fashion against your public key. Now this response, from the client back to the authenticating server, this response could be held up on camera during the Super Bowl half time and it still would be secure. (Edit - I assumed but did not say that I expect the challenge to be encrypted for my public key.)
So why not ignore the whole SAML dance, and have the relying party site (myshop.com) simply pass through the nonce, grab the hashed response and send it off? Basically what is wrong with MitM instead of federation? I can think of problems (Oracle, initial registration) but SAML etc are such complex piles of administrative failure I wonder if we get a better security trade off with simplicity. Anyway I am probably wrong - but I would like to know.
My big question for HN is not "am I inventing a security system I myself cannot break" but where do I go look to find the discussions that other smarter people have already had on this subject.
Like I said, I am catching up.
YMMV though.
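The nonce-and-key exchange the post describes, worked through as an added example in Go (not code from the post, nor from any FIDO implementation); the rpID and origin values (bank.example, myshop.example) are hypothetical, and the data the token signs is simplified to the two hashes a FIDO assertion covers. It shows the two checks the verifying site has to do for the "pass the nonce through" idea to be safe: the nonce is single use, and the signature is bound to the identity of the site the key was registered with, so a nonce relayed via another site does not verify.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
)

// signedData mirrors the FIDO assertion layout: SHA-256(rpID) || SHA-256(clientData),
// where clientData carries the nonce and the origin the browser actually talked to.
func signedData(rpID, challenge, origin string) []byte {
	rp := sha256.Sum256([]byte(rpID))
	cd := sha256.Sum256([]byte(challenge + "|" + origin))
	return append(rp[:], cd[:]...)
}

// Assert is the token's side: sign the nonce under the rpID the key was registered for.
func Assert(priv ed25519.PrivateKey, rpID, challenge, origin string) []byte {
	return ed25519.Sign(priv, signedData(rpID, challenge, origin))
}

// Server is the site that issued the nonce; it holds the user's public key and outstanding nonces.
type Server struct {
	rpID   string
	pub    ed25519.PublicKey
	issued map[string]bool
}

// Challenge mints a fresh 256-bit nonce and records it as outstanding.
func (s *Server) Challenge() string {
	b := make([]byte, 32)
	rand.Read(b)
	c := hex.EncodeToString(b)
	s.issued[c] = true
	return c
}

// Verify consumes the nonce (so a replay fails) and checks the signature binds it to this RP's identity.
func (s *Server) Verify(challenge, origin string, sig []byte) error {
	if !s.issued[challenge] {
		return errors.New("unknown or already used challenge")
	}
	delete(s.issued, challenge)
	if !ed25519.Verify(s.pub, signedData(s.rpID, challenge, origin), sig) {
		return errors.New("signature not valid for this relying party")
	}
	return nil
}
```

A real deployment would also expire outstanding nonces after a short window and keep them per session; the map here is only enough to show the single-use rule.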