OpenWebAuth

 OpenWebAuth  is the authentication protocol utilized by Zot6; making use of Webfingers, HTTP Signatures and token generation for headless authentication. Projects like Hubzilla make use of it for authentication.

Documentation

 * https://framagit.org/zot/zap/blob/dev/spec/OpenWebAuth/Home.md
 * https://project.hubzilla.org/help/developer/zot_protocol#Magic_Auth

Criticism

 * Unclear on where the spec is actually defined
 * Uses cryptography in the spec itself rather than keeping cryptography at the transport layer
 * Relies on the site you're signing in to to accept the  query parameter in every page, as opposed to confining the authentication code to a single URL that can redirect to the destination later
 * Uses HTTP signatures but doesn't specify how the keys are discoverable, so it is unclear where to read to find that out