Kevin Kofler via devel wrote: > And at least the German stuff (and the Italian, Portuguese, and Estonian > ones) is Free Software. The Austrian ID Austria app is entirely proprietary. > Though, as far as I know, you can buy physical FIDO2 hardware, then go > register that with the ID Austria office, and then log in on the ID Austria > website with any FIDO2 enabled browser and the hardware you bought. But the > default workflow goes through a proprietary smartphone app. I wish I were allowed to use FIDO2. The dominant ID protocol in Sweden is called BankID. It's a proprietary and secretive protocol that requires a proprietary app that requires an operating system from either Apple or Google – or sometimes Microsoft, but in many cases not even Windows is allowed. No FIDO2 or other open standard is allowed. It's becoming ever more difficult to be a Fedora user in Sweden. Several banks require BankID. Members of various associations must have BankID to log in to membership pages. Many webshops accept payment only through Klarna, and Klarna now requires everybody to use BankID. Thus the BankID cartel effectively controls which operating systems have access to the Swedish market. Users of other operating systems are severely restricted in which banks they can have accounts in, which shops they can buy from, et cetera. By the way, the BankID protocol has fundamental design flaws that enable an ongoing fraud campaign, and the more BankID becomes a routine in people's daily lives, the easier it becomes for scammers to convince victims to click through the BankID dialog that authorizes the scammer to empty the victim's bank account. There are also at least two other proprietary ID protocols, which only government agencies accept. One of those offers a Firefox extension that can actually be used on a GNU/Linux system. It's unfree, buggy and unmaintained, but usually works just about well enough to be usable on the one website I need to access that accepts it. Government agencies seem to have some requirement to be vendor-neutral, and they believe that means they must buy incompatible proprietary services from all the vendors, instead of defining a standard that any vendor can implement. Everyone who isn't required to be vendor-neutral accepts only BankID and contributes to strengthening the Apple/Google duopoly. Björn Persson
Attachment:
pgpUF4herjCOw.pgp
Description: OpenPGP digital signatur
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
