U-Prove - Microsoft Research
www.microsoft.com
Overview A U-Prove token is a type of credential similar to a PKI certificate that can encode attributes of any type, but with two important differences: 1) The issuance and presentation of a token is unlinkable due to the special type of public key and signature encoded in the token; the cryptographic “wrapping” of the […]

U-Prove seems to me to be pretty close to a perfect auth system. It is possible to disclose only specific attributes and every prove is unlinkable (given no unique attribute is disclosed). Also it supports generating an unique, identity-linked ID per domain.

So I wonder why this technology is not used anywhere I know of?

  • BlueKey@fedia.ioOP
    2·
    8 days ago

    I didn’t read to much of the FIDO2 spec, so I can’t really compare.
    But U-Prove can be used for state-issued E-IDs. Is this also possible with FIDO (including dynamically issuing attributes)?