Services/Identity/Spec: Difference between revisions

Jump to navigation Jump to search

Services/Identity/Spec (view source)

Revision as of 02:04, 5 March 2011

1,159 bytes added ,  5 March 2011
no edit summary
(Created page with "== Server == Pages ID service must implement: * Provide a login page to the user sets a cookie which allows the page to make an XHR request to return an Identity Assertion for ...")
 
No edit summary
Line 1: Line 1:
= Verified Email Protocol Specification =
The verified email protocol enables a Web site to request an email address belonging to the user associated with the current browser session. The email address is delivered (after user consent) inside a cryptographically signed document called an ''identity assertion'', which the Web site's servers can use to verify ownership of the email. Verification can also be delegated to a trusted 3rd party, allowing the Web site to be written without any specialized cryptographic code beyond SSL.
== Terms ==
;identity
An email address which identifies a user in a universally-recognizable way.
;identity assertion
A cryptographically signed document which proves to a particular audience that the current browser session is associated with an identity.
;primary authority
The service from whom a user acquires an email address. The primary authority may create assertions about any identity in their domain.
;secondary authority
A 3rd party service trusted by a Web site to issue identity assertions on behalf of a service which has not yet deployed infrastructure to issue identity assertions on their own.
== Server ==
== Server ==


Thunder
946

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/289037"

Navigation menu