Factoring Macaroons: Building phish and MITM-proof decentralized two-factor auth

Macaroons are bearer credentials that implement flexible, cryptographically sound authorization and enable fast, stateless enforcement of arbitrary authorization policies without phoning home to single sign-on or other auth servers.

FIDO Universal Second Factor (U2F) is a widely deployed open standard for simple and inexpensive cryptographic hardware devices that provide an easy second factor for authentication.

This talk will provide an introduction to Macaroons and U2F, explain their cryptographic construction, and describe an open source project that combines them to provide an authentication and authorization system that completely eliminates phishing and defends against man-in-the-middle attacks.

Presented by