[frut]

Authentication mostly. The lack of which is the major reason why the majority of us are still typing passwords into boxes in the browser and send them over the Internet in contradiction to best practices. Doing away with that would potentially solve a lot of problems, like phishing, but also replace cookies. Meaning it would be much harder to track users across the Internet threatening not only the revenue of major player but also their dominance since being able to handle security issues is a major advantage for them. So instead of fixing the problem at the source, we have security people recommending password managers and the EFF making cookie blockers.

Essentially every geek I have ever talked to support standards, decentralization, community efforts etc. Yet, here we have the company that has more influence than anyone else over the Internet almost single-handedly designing the protocol.

[wmf]

Google gave us HTTP/2 but they also gave us U2F. But they didn't give us soft U2F so everyone still uses passwords instead.

[ryukafalz]

There's already a protocol for that[0], just almost nobody's using it. Which is a real shame, because with a cleaner UX and more adoption it could be a serious win.

[0] http://webid.info/

[ubernostrum]

Mozilla tried with Persona (née "BrowserID"), which had similar goals. It didn't go anywhere, even with Mozilla's support behind it.