And then came U2F...Mozilla Persona, lessons learned

Thanx for posting this Manu, I was just planning to do that!
Now to the analysis...

Since I have been into this for about 15 years, I have a slightly different perspective
than Mozilla.

In the EU consumer-PKI has been fairly popular for about a decade.  Half of the
Swedish population has digital certificates that they use for login and signing
at public-sector portals and on-line banks.

NONE, ABSOLUTELY NONE of the solutions builds on the browser PKI client supplied
by Mozilla, Apple, Microsoft or Google.  This has been even more the case for
mobile banking, which is becoming mainstream.

Now to the (not so) funny part: Each time I mention this EASY TO VERIFY FACT,
product management and engineering totally frown and consider me a true b****s.

Microsoft once tried something even more ambitious than Persona (and actually quite cool),
called "Information Cards" which they claimed to be a solution for banks (and many others).
I said early on that IT DOES NOT match banks' requirements and that they were building
something on top of a platform which wasn't "bank-ready".  IMHO the same goes for Persona.

Google is the only vendor who has managed to create a full stack with their U2F
solution.  Well, it is pushed by the FIDO alliance, but it started at Google.

http://fidoalliance.org/specifications/download

Anders

On 2014-02-15 20:57, Manu Sporny wrote:
> Of interest to this group since we were counting on Persona being one of
> the login solutions that we'd use to transmit richer customer data to
> merchants (primarily payment processor and address information):
> 
> https://wiki.mozilla.org/Identity/Persona_AAR
> 
> Of particular interest:
> 
> """
> What did we learn?
> 
> Persona should be pared down to its core: a decentralized email
> verification and login API for the web. No more session management, no
> attribute exchange.
> 
> Persona should be built natively into Firefox, Fennec and Firefox OS to
> make the JavaScript shim unnecessary on these platforms. The base
> functionality should be cross-browser, but the experience should be
> optimized for the native platforms.
> 
> Sites should control most of the user flow and Persona should be almost
> invisible to users.
> 
> Sites should be able to offer these benefits to their users with a
> native UA implementation: better UX, reduced login friction and phishing
> protection.
> """
> 
> In related news, Lloyd H. has left Mozilla. With the departure of Ben
> Adida last year, I'm wondering who's taking over the project. From what
> I gather both Ben and Lloyd started the work... wonder who is going to
> finish the work and how it's going to get finished. Thoughts, Kumar?
> 
> -- manu
> 

Received on Sunday, 16 February 2014 06:10:27 UTC