Identity/BrowserID/BigTent: Difference between revisions

From MozillaWiki
 
(10 intermediate revisions by one other user not shown)
Line 3: Line 3:


No user data is stored, except their email address which is stored in a secure session in a cookie in the user's browser.
No user data is stored, except their email address which is stored in a secure session in a cookie in the user's browser.
Initial launch will target yahoo.com email addresses. Follow up releases can enable other popular email providers.


== Architecture ==
== Architecture ==
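Review bot: "stored in a secure session in a cookie" in the opening paragraph does not say what makes the session secure. State whether the cookie contents are encrypted or only signed, and which cookie attributes (Secure, HttpOnly) are set, since this is the only user data the service keeps.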
Line 11: Line 13:
* hotmail.com
* hotmail.com


When a user enters a proxy email address, instead of being processed like a secondary, the will be authenticated via BigTent. The user will see an OpenID, OAuth, or other 3rd party screen hosted by their email provider which asks if they wish to log in to browserid.org. If the agree, we'll get confirmation that they own that email address and we'll issue assertions on their behalf.
When a user enters a proxy email address, instead of being processed like a secondary, they will be authenticated via BigTent. The user will see an OpenID, OAuth, or other 3rd party screen hosted by their email provider which asks if they wish to log in to browserid.org. If they agree, we'll get confirmation that they own that email address and we'll issue assertions on their behalf.


The issuer for these certificates will be bigtent.
The issuer for these certificates will be bigtent.
== Environments ==
Play with BigTent! The Persona dev environment is BigTent enabled for yahoo.com and gmail.com.
* Dev [http://dev.123done.org/ dev.123done.org]
* Stage TBD
* Prod TBD
== Test Plan ==
[https://etherpad.mozilla.org/identity-big-tent-test-plan Test Plan]


== Codebase ==
== Codebase ==
Provisional repo is at https://github.com/mozilla/browserid-bigtent
 
[https://github.com/mozilla/browserid-bigtent browserid-bigtent on github]


== Domain Name ==
== Domain Name ==
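Review bot: "The issuer for these certificates will be bigtent." gives only a project name, not the issuer string that will appear in certificates. Spell out the exact issuer value here, because verifiers have to decide whether a certificate for a proxied address came from the expected issuer.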
Line 22: Line 36:


== Project Management ==
== Project Management ==
=== Current Status ===
[https://etherpad.mozilla.org/bigtent-project-status Project Status Etherpad]
=== Schedule ===
=== Schedule ===
* 4/25 - 5/9 Development Sprint
* 4/25 - 5/9 Development Sprint
Line 28: Line 45:
* 5/9 - 5/23 Dev sprint for "First IdP reworked to skinny's satisfaction"
* 5/9 - 5/23 Dev sprint for "First IdP reworked to skinny's satisfaction"
* 5/9 - 5/23 Dev sprint for all IdP proxies alpha deployed on AWSBOX
* 5/9 - 5/23 Dev sprint for all IdP proxies alpha deployed on AWSBOX
* 5/23 Stage deployment
* 5/15 Testing against awsbox deployment
* 5/15 Testing against awsbox deployment
* 5/23 Testing against Stage
* 7/16 - Legal review for Yahoo.com completed
* 6/6 Production deployment of all proxied IdPs
* 9/15 - Security Review completed
* 9/18 - All Legal bugs closed
 
Around June We hit a bottleneck on Ops resources to focus on Beta launch.
 
* TBD Stage deployment
* TBD Testing against Stage
* TBD Security testing on Stage
* TBD Production deployment of all proxied IdPs


=== Bugs ===
=== Bugs ===
See dependent bugs for a complete list of open bugs
* {{Bug|754926}} - Project Tracking bug
* {{Bug|742818}} - Privacy / Legal Review
* {{Bug|742818}} - Privacy / Legal Review
* {{Bug|742809}} - Security Review
* {{Bug|742809}} - Security Review

Latest revision as of 23:08, 2 January 2013

BigTent

A ProxyIdP service for bridging major IdPs that lack support for the BrowserID protocol.

No user data is stored, except the user's email address, which is stored in a secure session in a cookie in the user's browser.

Initial launch will target yahoo.com email addresses. Follow-up releases can enable other popular email providers.

Architecture

The BigTent service will be a new service that looks like Vinz Clortho, our Mozilla IdP. BrowserID currently understands *primary* and *secondary* email addresses. A new class *proxyidp* will be added for a whitelist of TLDs.

  • gmail.com
  • yahoo.com
  • hotmail.com

When a user enters a proxy email address, instead of being processed like a secondary, they will be authenticated via BigTent. The user will see an OpenID, OAuth, or other 3rd party screen hosted by their email provider which asks if they wish to log in to browserid.org. If they agree, we'll get confirmation that they own that email address and we'll issue assertions on their behalf.

The issuer for these certificates will be bigtent.
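
The classification described in this section, sketched as an added example (not code from browserid or browserid-bigtent). The function names, the `primaryDomains` set, the precedence of primary over proxyidp and the `browserid.org` fallback issuer are assumptions; the whitelist and the `bigtent` issuer name come from the page.

```javascript
// Whitelist from the page. Matched against the whole domain, never a suffix.
const PROXY_IDP_DOMAINS = new Set(['gmail.com', 'yahoo.com', 'hotmail.com']);

// Issuer labels used by this sketch.
const PROXY_ISSUER = 'bigtent';          // page: "The issuer ... will be bigtent"
const FALLBACK_ISSUER = 'browserid.org'; // assumption: issuer for secondary addresses

// Split an address into local part and normalized domain; throw on ambiguity.
function parseEmail(email) {
  if (typeof email !== 'string') throw new TypeError('email must be a string');
  const at = email.lastIndexOf('@');
  // Conservative: exactly one '@' and a non-empty local part.
  if (at < 1 || at !== email.indexOf('@')) throw new Error('malformed address');
  const domain = email.slice(at + 1).toLowerCase();
  // Rejects empty labels, trailing dots and non-hostname characters.
  if (!/^[a-z0-9-]+(\.[a-z0-9-]+)+$/.test(domain)) throw new Error('malformed domain');
  return { local: email.slice(0, at), domain };
}

// primaryDomains: constructed stand-in for "this domain speaks BrowserID itself".
// Assumption: a native primary takes precedence over the proxy whitelist.
function classifyEmail(email, primaryDomains = new Set()) {
  const { domain } = parseEmail(email);
  if (primaryDomains.has(domain)) return 'primary';
  if (PROXY_IDP_DOMAINS.has(domain)) return 'proxyidp';
  return 'secondary';
}

// Issuer a certificate for this address is expected to carry.
function expectedIssuer(email, primaryDomains = new Set()) {
  const { domain } = parseEmail(email);
  switch (classifyEmail(email, primaryDomains)) {
    case 'primary': return domain;
    case 'proxyidp': return PROXY_ISSUER;
    default: return FALLBACK_ISSUER;
  }
}

// A relying party accepts the certificate only if the issuer matches the class.
function issuerAcceptable(email, issuer, primaryDomains = new Set()) {
  return issuer === expectedIssuer(email, primaryDomains);
}
```

The exact-match lookup is what keeps look-alike domains such as `yahoo.com.example.net` from being treated as proxied and therefore from being accepted with the proxy issuer.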

Environments

Play with BigTent! The Persona dev environment is BigTent enabled for yahoo.com and gmail.com.

Test Plan

Test Plan

Codebase

browserid-bigtent on github

Domain Name

yahoo.login.persona.org

Project Management

Current Status

Project Status Etherpad

Schedule

  • 4/25 - 5/9 Development Sprint
  • 5/9 - AWSBOX Deployment
  • After AWSBOX Deployment - Skinny to do UX review
  • 5/9 - 5/23 Dev sprint for "First IdP reworked to skinny's satisfaction"
  • 5/9 - 5/23 Dev sprint for all IdP proxies alpha deployed on AWSBOX
  • 5/15 Testing against awsbox deployment
  • 7/16 - Legal review for Yahoo.com completed
  • 9/15 - Security Review completed
  • 9/18 - All Legal bugs closed

Around June, we hit a bottleneck on Ops resources to focus on Beta launch.

  • TBD Stage deployment
  • TBD Testing against Stage
  • TBD Security testing on Stage
  • TBD Production deployment of all proxied IdPs

Bugs

See dependent bugs for a complete list of open bugs

Get Involved