"WebAuthn" extension

Interesting. Has it gone through a security review?

Nike (talk) 17:48, 30 October 2019

I'm not really sure but I have found this ticket on Phabricator: https://phabricator.wikimedia.org/T227244

I don't see any other security-related ticket, though. However, as far as I know, this extension will be used on WMF wikis, so you can assume it's secure enough.

Also thanks for your reply,

Rail (my talk | contribs) 19:52, 30 October 2019

I'd say that technically the extension is ready, but the user experience is in alpha stage, so the translation may also be alpha as long as it has not been tested; there will likely be more to translate and explain about how this should work, what to do in case of configuration problems, and why this new auth method would be preferable or not to another (the Phabricator task explicitly asks how to work with multiple libraries trying to do the same thing, and how they can be unified using a replaceable hook that also allows evaluating the implementations in terms of effective security, performance, cost of maintenance, and debugging in case of problems). Also the testbed is still not in place, and they wonder how they'll recruit testers with usable inputs (or if automated monitoring can generate better results). In terms of pure UX, the testbed will receive some comments, several proposals will be made, as well as A/B tests. How many testers will be needed will also condition how many languages will be needed for these tests (they probably don't want to support many languages for now, but want enough inputs for specific needs in some countries where other authentication methods (possibly using third party services) are not supported very well, or have no good support, and for which alternate less demanding methods may be needed, but also more training for their users).

Still, in all countries 2FA is not well enough known and not generalized; many users complain about how the current methods are implemented, and they also fear the privacy risks this causes to them (notably in countries like China with very active user monitoring by authorities, or with extreme social/economic and criminal risks like Russia or Mexico, or legal risks like the US, or countries where users have no other choice to connect to Wikimedia than using foreign VPNs, or slow mobile connections, or shared Internet access, or whose emails are heavily monitored).

As well, there's a worldwide threat caused by malware that attempts to steal people's identity, and 2FA will soon not be enough; we'll need more factors in the very near future. But how we'll configure all these to work correctly together may become really complex for many people, who will finally opt to protect their privacy by delegating everything to a commercial service provider like Apple, Google, Facebook or Amazon, and tie all their existence to a permanent dependency on these big players, creating lifetime monopolies and splitting the world into distinct proprietary universes.

Verdy p (talk) 22:39, 30 October 2019

I'll consider this. It's not on top of the TODO list so it can take a while.

Nike (talk) 10:30, 1 November 2019

Awesome. Thank you.

Rail (my talk | contribs) 11:04, 1 November 2019