946
edits
Firefox/Projects/AccountManager/SecurityReview: Difference between revisions
Firefox/Projects/AccountManager/SecurityReview (view source)
Revision as of 21:59, 31 August 2010
, 31 August 2010→Relationships to other projects
| Line 106: | Line 106: | ||
== Relationships to other projects == | == Relationships to other projects == | ||
Are there related projects in the community? | Are there related projects in the community? | ||
* If so, what is the proposal's relationship to their work? Do you depend on others' work, or vice-versa? | * If so, what is the proposal's relationship to their work? Do you depend on others' work, or vice-versa? | ||
* Are you updating, copying or changing functional areas maintained by other groups? How are you coordinating and communicating with them? Do they "approve" of what you propose? | * Are you updating, copying or changing functional areas maintained by other groups? How are you coordinating and communicating with them? Do they "approve" of what you propose? | ||
There are plenty of auth-related technologies out there. A few pertinent ones: | |||
* HTTP Auth | |||
There is an HTTP Auth profile, although it is not currently implemented. The profile makes additional requirements on top of HTTP Auth (e.g., there must be an AMCD). | |||
* OpenID/OAuth/Other federated | |||
There is a federated ID profile, similar to the HTTP Auth case. | |||
* InfoCards/CardSpace | |||
An attempt at replacing the auth stack with something else. Much more heavy-handed approach. Not compatible with AM. | |||
== Review comments == | == Review comments == | ||