Wish: Standardized Device onboarding

Supporting fido standard could enhance value of onrio for IoT usecases by adding "passwordless capabilities":

According to this short intro:

• https://www.youtube-nocookie.com/embed/11UfySDn7_I

I understand that there is a trend to replace passwords by stronger authentications, sounds nice but we need to check how the commitment of "Privacy and Security by Design" is implemented.

Today I am not sure there is any reference OSS implementation of the open spec released yet:

• https://fidoalliance.org/specs/FDO/FIDO-Device-Onboard-PS-v1.1-20220419/FIDO-Device-Onboard-PS-v1.1-20220419.html
• https://github.com/fedora-iot/fido-device-onboard-rs
• https://github.com/secure-device-onboard/readme

Maybe looking at webauthn API could be relevant to get into it:

• https://github.com/fido-alliance/webauthn-demo
• https://en.wikipedia.org/wiki/WebAuthn

Related links:

• https://fidoalliance.org/fido-alliance-creates-new-onboarding-standard-to-secure-internet-of-things-iot/
• https://fido-alliance.github.io/how-to-fido/HowToFIDO.html
• https://www.redalertlabs.com/blog/top-10-things-you-should-know-about-fido-device-onboarding-fdo

Cc: @stefanschmidt @zyga @mrybczyn

ps:

I filed this issue here at:

#21

Because I am not granted to file issues at:

https://gitlab.eclipse.org/eclipse-wg/oniro-wg/products-services-oniro-wg/wishlist-roadmap/wishlist-repo/-/issues