mozilla persona: simplified sign-on
DESCRIPTION
Mozilla Persona: Simplified Sign-on at OpenWebCamp VTRANSCRIPT
@ Open Web Camp V Vlad Filippov
@vladikoff
Identity Team at Mozilla
https://hacks.mozilla.org
http://identity.mozilla.com
Persona, Profile in the Cloud, Firefox Sign-in, Identity UX
• Mozilla Persona - a login system for the Web • Eliminates site-specific passwords
• Use your email to sign in into websites
• All open source
• User privacy is one of the core goals
Mozilla Persona Overview
Users • A better way to sign in
Developers • Why Persona? • Persona API• Libraries & Plugins
Identity Providers• BrowserID Protocol• Running your own IdP
Mozilla Persona for ...
Persona for Users
Current state of sign-in
Current state of sign-in
Current state of sign-in
Mozilla Persona - A better way to sign in!
Mozilla Persona - A better way to sign in!
Identity Bridging
@yahoo.com accounts can login to Persona-enabled sites
Persona - Browser Support
Tested with
Persona - Native on Firefox OS!
Firefox OS Demo
Persona for Developers
Building Sign In
bad passwords challenging UX
password reset recovery
support security backup
Easy to use. Easy to implement in your apps or sites
Federated Protocol & Decentralized
No social profiles attached
No need to store passwords
No need to rely on third-parties
Eliminate registration forms and more...
Why Persona?
UX freedom
Persona for developers
UX Prototypes
Persona for developers
Persona for developers
Translated & Localized
Persona at Mozilla
Persona around the Web
Persona around the Web
Persona around the Web
Persona around the Web
Persona around the Web
Persona around the Web
Persona in your app
1. JavaScript Library
2. Login / logout buttons
3. Configure Persona
4. Verify Assertions
Persona API - 1. JavaScript Library
https://login.persona.org/include.js
Persona API - 2. Buttons!
<a href="javascript:navigator.id.request()">Sign in</a>
<a href="javascript:navigator.id.logout()">Log out</a>
Persona API - 3. Configure
client.js
Persona API - 4. Verify
app.js (server-side)
Persona API - 4. Verifyroutes.js (server-side)
Persona API in your favorite language
verifier response
Persona API in your favorite language
Persona with plugins
1. JavaScript Library
2. Login / logout buttons
3. Configure Persona
4. Verify Assertions
Meteor + Persona Demo
Persona for developers
Existing plugins and libraries JavaScript
Python
Ruby
PHP
Java
Clojure
...
Persona for Identity Providers
Persona - for your domain
yourdomain.com
Identity Provider
Persona - IdP in your language
Reference implementation in Node.js
Persona - BrowserID Actors
Users - A person that wants to sign into a website
Relying Parties - Sites that use Persona for sign-in
Identity Providers - Domains that can issue certificates
Persona - Step 1: Certificate Provisioning
/.well-known/browserid
Identity Provider
Provisioning URLusing email and public key
User Certificate
Browser
Persona - Step 2: Identity Assertion
Identity Assertiondomain of the RP + expiration
Browser
Persona - Step 3: Verification
Identity Assertion
User Certificate
Identity Provider
/.well-known/browserid
Persona - Fallback IdP
Fallback Identity Provider
/.well-known/browserid
Identity Provider
Browser or Relying Party requests
browserid-certifiergenerate a shared public key for the IdP
serve /.well-known/browseridhas the public key, authentication & provisioning urls
Persona - Setting up an IdP
implement provisioning page & authentication page
Developer Documentation https://developer.mozilla.org/persona
Need to introduce Persona to others?http://mozilla.org/persona
User? Developer? Submit your user story:https://github.com/mozilla/browserid-roadmap
Need help beyond the docs?#identity on irc.mozilla.org
Persona for everyone
developer.mozilla.org/persona
Thanks!