I find Solid incredibly interesting academically, and watch it with interest, but I'm sadly skeptical that it'll find traction— it requires both substantial development resources (as apps need to be rewritten to its standards) and a change in consumer behaviour.
I'm reminded of this Steve Jobs response from WWDC 1997 [1]:
> One of the things I've always found is that you've got to start with the customer experience and work backwards for the technology. You can't start with the technology and try to figure out where you're going to try to sell it. And I made this mistake probably more than anybody else in this room. And I got the scar tissue to prove it.
The beauty of the implementation I described is that it could work with any existing (web) app with little-no development effort while leveraging affordance users already have from using Touch/Face ID to authenticate Keychain, Apple Pay etc.
Until a proposal like Solid is widespread, I'd love for a browser/password manager vendor I trust (for me, Mozilla or Apple) to integrate with a privacy-forward email vendor for unique email addresses to provide a less 'fingerprinted' approach to auth, useful today with all legacy (web) apps.
I don't disagree with what you're saying. But it's also reasonable to focus just on working with those who see the same thing you do, and develop widely usable systems based on that. That's where everything comes from, basically. If we keep pandering to the lowest common denominator, the results will always be compromised.
GDPR is having a big impact on these discussions. Organizations don't want to own data any more. It would be a true tragedy of more collapsing of the net if it came down to using one of a few big providers, without alternate options. Yet we're seeing this happen, since many sites now only offer login via social media, with no option via email. IMO, these sites should be boycotted.
I'm reminded of this Steve Jobs response from WWDC 1997 [1]:
> One of the things I've always found is that you've got to start with the customer experience and work backwards for the technology. You can't start with the technology and try to figure out where you're going to try to sell it. And I made this mistake probably more than anybody else in this room. And I got the scar tissue to prove it.
The beauty of the implementation I described is that it could work with any existing (web) app with little-no development effort while leveraging affordance users already have from using Touch/Face ID to authenticate Keychain, Apple Pay etc.
Until a proposal like Solid is widespread, I'd love for a browser/password manager vendor I trust (for me, Mozilla or Apple) to integrate with a privacy-forward email vendor for unique email addresses to provide a less 'fingerprinted' approach to auth, useful today with all legacy (web) apps.
[1] https://youtu.be/FF-tKLISfPE