@didek Well, it looks like “passkeys” are about to get a huge push with Apple, etc., behind them. I’d ideally love to be able to implement a frictionless authentication process like that that also enables people to derive and use their own private keys automatically.
Barring that, my current flow is to generate a Diceware passphrase that all other key material is derived from (signing, encryption, ssh keys, etc.) and which you’re expected to keep in your password manager.
@didek But yes, the whole idea of small web relies on people owning and controlling their own keys (ideally, without knowing what keys are or how they work), so they can have ownership/control of their online identities and be able to communicate both privately (end to end encrypted) and publicly.
I’d welcome any movement to interoperate on such a system.