Dimitri Bouniol
Saphire LatticeTIL of OpenYOLO - "You only login once"
Basically.. proto-FIDO2 but it directly let pages request a password from an authenticator lmao. And save credentials too, not unlike a passkey.
https://openid.net/specs/openyolo-android-03.html
https://github.com/openid/OpenYOLO-Web
What a silly old thing, sheesh. Is this what modern webauthn was born from, or was that a parallel effort?
Glad we have better stuff now that uh, wouldn't get popped from the first XHR that gets found for a site
OpenYOLO for Android
OpenYOLO for Android is a protocol for retrieving, updating and assisting in the creation of authentication credentials. This document describes the core concepts of OpenYOLO, and the platform-specific details for implementing the OpenYOLO protocol on Android. What's in a name? YOLO stands for "You Only Login Once", which is the internal code-name for Google's Smart Lock for Passwords API on Android. OpenYOLO is the open standards successor to YOLO, and came to be as a result of an initial collaboration between Google and Dashlane. OpenYOLO leverages the lessons learned from YOLO, and also ensures that implementations of OpenYOLO can compete on a level playing field. OpenYOLO would not have been likely to succeed without AgileBits, Keeper Security and LastPass, to whom we are grateful for their continued support and engagement.
