Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
20120512 persona mdn_hackday_ldn
1. Jean-Yves Perrier (Mozilla) / May 12th, 2012
@teoli2003
MDN Hack Day — London
Persona / BrowserID
Proving your identity without giving up
your privacy.
9. For the user :
Secure
Simple to use
Single sign-on : one password
Respect privacy
Independant of the browser
Independant of the device
Feel as a real identity
10. Hashing
MD5 — SHA1 — SHA128 ?
Salting
Ensuring strong password
usage
Procedures
- initial authentication
- password lost
- disaster recovery
- keeping up with the algo
11. For the site :
Secure
Simple to use
Respect privacy (no 3rd party take the
customer relation)
Independant of the browser
Independant of the device
Feel as a real identity
Less maintenance burden
14. Identity = e-mail
address
It is a fully distributed system with billions of accounts
across countless host providers
Users understand what an email address is and what it
represents
It naturally allows for the use pseudonyms
It relies on the distributed Domain Name System
(DNS) for name lookup
15. The actors
Relying Party
a site or service that depends on a federated identity
provider
Identity Provider
a site or service that provides identity assertions for
3rd party consumption
User