Re: Browser ID

On 15 Jul 2011, at 01:14, Nathan wrote:

> This is pretty good.. nice UI flow to it as well, that said, it does look like it requires a single point of sign on, and to control your profile(s), namely browserid.org, that bit isn't so good.

I think if you look at the second article, you'll find that the Identity Provider does a request on the e-mail domain.

   http://lloyd.io/how-browserid-works

But it is 2am here, and I need to go to sleep.

For those of you who want to watch a nice video on something completely different: "Sita sings the blues"

  http://www.youtube.com/watch?v=1QkYOqI3jSM

Henry


> 
> Can see it taking off pretty quickly though!
> 
> Henry Story wrote:
>> I am CCing Ben Adida who posted some interesting information on Browser ID.
>>  For a general view:
>>   https://browserid.org/
>> For detailed technical overview
>>   http://lloyd.io/how-browserid-works
>>  It is pretty close to what WebID does I think, except that they omit the TLS part, though they re-invent it using javascript - a bit like what Manu Sporny was working on. It removes the need for TLS but requires a browser extension to work - I gather on first reading. Since Mozilla is putting it forward I suppose that could work -- though it will take time for browsers to ship with all of this.
>>  If they could use the same keychain used by TLS and have both BrowserID use the same keys linked to the certificates WebID uses then the two could work nicely together perhaps. So if a Relying party could provide TLS - which I think more and more will with DNSsec and DANE rollout - then the certificate route could be used. For servers that did not have TLS, then this would be the better solution for a long time.
>>  In any case the UI remarks I made at the end of the video on http://webid.info/ are still needed in both cases.
>> Henry
>>  Social Web Architect
>> http://bblfish.net/
> 

Social Web Architect
http://bblfish.net/

Received on Thursday, 14 July 2011 23:57:00 UTC