Idea for new payment protocol PKI



Summary:

The email, dated August 9, 2013, presents Mike Hearn's notes on Mozilla Persona, an infrastructure for web-based single sign-on (SSO). In Persona, email providers sign temporary certificates for their users, and the users' browsers then sign server-provided challenges to prove ownership of their email address.

The email notes that SSO systems face a classic chicken-and-egg problem. Persona addresses it by running fallback services that allow anyone with an email address to participate, and by integrating with the Google and Yahoo SSO systems until Persona becomes big enough to matter. At that point the centralized structure can be removed, making the system transparently decentralized.

The email suggests that leveraging Persona would be convenient: users can get themselves a Persona certificate and use it to sign in to websites with a single click, and the user experience is smart and professional. CAs, by contrast, are designed for website admins, and getting a certificate for an email address through them is rather variable and more heavyweight. However, Persona does not use X.509 but a custom format based on JSON.

An implementation is likely to be easy. From the user's perspective, their wallet app would embed a browser and drive it as if it were signing in to a website, stopping once the user is signed in to Persona and a user certificate has been provisioned. The wallet can then sign payment requests automatically.
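The chain of trust described above (the provider certifies a user key for a short time, and the wallet signs payment requests with that key), as an added example that is not from the email or from Persona's code. The JSON field names, the use of Ed25519 and the `providerKeys` lookup are assumptions made for illustration and do not reproduce Persona's actual certificate format.

```javascript
// Added illustration: field names, Ed25519 and the JSON layout are assumptions,
// not Persona's wire format. A real format also needs canonical serialization.
const crypto = require("node:crypto");

const sign = (obj, priv) =>
  crypto.sign(null, Buffer.from(JSON.stringify(obj)), priv).toString("base64");
const check = (obj, sig, pub) =>
  crypto.verify(null, Buffer.from(JSON.stringify(obj)), pub, Buffer.from(sig, "base64"));
const exportKey = (k) => k.export({ type: "spki", format: "der" }).toString("base64");
const importKey = (b64) =>
  crypto.createPublicKey({ key: Buffer.from(b64, "base64"), type: "spki", format: "der" });

// Email provider: certifies a user's public key for a short period.
function issueUserCert(providerPriv, domain, email, userPub, now, ttlSec) {
  const body = { iss: domain, email, userKey: exportKey(userPub), exp: now + ttlSec };
  return { body, sig: sign(body, providerPriv) };
}

// Wallet: signs the payment request with the user key and attaches the certificate.
function signPaymentRequest(userPriv, cert, request) {
  return { request, cert, sig: sign(request, userPriv) };
}

// Payer: checks issuer, domain binding, certificate signature, expiry, request signature.
function verifyPaymentRequest(signed, providerKeys, now) {
  const { request, cert, sig } = signed;
  const providerPub = providerKeys[cert.body.iss];
  if (!providerPub) return { ok: false, reason: "unknown provider" };
  if (!cert.body.email.endsWith("@" + cert.body.iss)) return { ok: false, reason: "domain mismatch" };
  if (!check(cert.body, cert.sig, providerPub)) return { ok: false, reason: "bad certificate" };
  if (now >= cert.body.exp) return { ok: false, reason: "certificate expired" };
  if (!check(request, sig, importKey(cert.body.userKey))) return { ok: false, reason: "bad request signature" };
  return { ok: true, email: cert.body.email };
}

// Constructed sample run; every value here is made up.
function demo() {
  const provider = crypto.generateKeyPairSync("ed25519");
  const user = crypto.generateKeyPairSync("ed25519");
  const keys = { "example.org": provider.publicKey };
  const cert = issueUserCert(provider.privateKey, "example.org", "alice@example.org", user.publicKey, 1000, 3600);
  const signed = signPaymentRequest(user.privateKey, cert, { memo: "Order 17", amount: 5000 });
  const tampered = { ...signed, request: { ...signed.request, amount: 1 } };
  return {
    valid: verifyPaymentRequest(signed, keys, 2000),
    expired: verifyPaymentRequest(signed, keys, 5000),
    tampered: verifyPaymentRequest(tampered, keys, 2000),
  };
}
```

Because the certificate is short-lived, the verifier rejects a payment request once `exp` has passed even when both signatures are intact, so a wallet using this scheme has to re-provision its certificate periodically.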


Updated on: 2023-06-07T15:32:07.036850+00:00