@ Open Web Camp V Vlad Filippov

@vladikoff

Identity Team at Mozilla

https://hacks.mozilla.org

http://identity.mozilla.com

Persona, Profile in the Cloud, Firefox Sign-in, Identity UX

• Mozilla Persona - a login system for the Web • Eliminates site-specific passwords

• Use your email to sign in into websites

• All open source

• User privacy is one of the core goals

Mozilla Persona Overview

Users • A better way to sign in

Developers • Why Persona? • Persona API• Libraries & Plugins

Identity Providers• BrowserID Protocol• Running your own IdP

Mozilla Persona for ...

Persona for Users

Current state of sign-in

Current state of sign-in

Current state of sign-in

Mozilla Persona - A better way to sign in!

Mozilla Persona - A better way to sign in!

Persona - Manage addresses

login.persona.org

Identity Bridging

@yahoo.com accounts can login to Persona-enabled sites

Persona - Browser Support

Tested with

Persona - Native on Firefox OS!

Firefox OS Demo

Persona for Developers

Building Sign In

bad passwords challenging UX

password reset recovery

support security backup

Easy to use. Easy to implement in your apps or sites

Federated Protocol & Decentralized

No social profiles attached

No need to store passwords

No need to rely on third-parties

Eliminate registration forms and more...

Why Persona?

UX freedom

Persona for developers

UX Prototypes

Persona for developers

Persona for developers

Translated & Localized

Persona at Mozilla

Persona around the Web

Persona around the Web

Persona around the Web

Persona around the Web

Persona around the Web

Persona around the Web

Persona in your app

1. JavaScript Library

2. Login / logout buttons

3. Configure Persona

4. Verify Assertions

Persona API - 1. JavaScript Library

https://login.persona.org/include.js

Persona API - 2. Buttons!

<a href="javascript:navigator.id.request()">Sign in</a>

<a href="javascript:navigator.id.logout()">Log out</a>

Persona API - 3. Configure

client.js

Persona API - 4. Verify

app.js (server-side)

Persona API - 4. Verifyroutes.js (server-side)

Persona API in your favorite language

verifier response

Persona API in your favorite language

Persona with plugins

1. JavaScript Library

2. Login / logout buttons

3. Configure Persona

4. Verify Assertions

Meteor + Persona Demo

Persona for developers

Existing plugins and libraries JavaScript

Python

Ruby

PHP

Java

Clojure

...

Persona for Identity Providers

Persona - for your domain

user@yourdomain.com

yourdomain.com

Identity Provider

Persona - IdP in your language

Reference implementation in Node.js

Persona - BrowserID Actors

Users - A person that wants to sign into a website

Relying Parties - Sites that use Persona for sign-in

Identity Providers - Domains that can issue certificates

Persona - Step 1: Certificate Provisioning

/.well-known/browserid

Identity Provider

Provisioning URLusing email and public key

User Certificate

Browser

Persona - Step 2: Identity Assertion

Identity Assertiondomain of the RP + expiration

Browser

Persona - Step 3: Verification

Identity Assertion

User Certificate

Identity Provider

/.well-known/browserid

Persona - Fallback IdP

Fallback Identity Provider

/.well-known/browserid

Identity Provider

Browser or Relying Party requests

browserid-certifiergenerate a shared public key for the IdP

serve /.well-known/browseridhas the public key, authentication & provisioning urls

Persona - Setting up an IdP

implement provisioning page & authentication page

Developer Documentation https://developer.mozilla.org/persona

Need to introduce Persona to others?http://mozilla.org/persona

User? Developer? Submit your user story:https://github.com/mozilla/browserid-roadmap

Need help beyond the docs?#identity on irc.mozilla.org

Persona for everyone

developer.mozilla.org/persona

Thanks!