946
edits
Services/Identity/Spec: Difference between revisions
no edit summary
(Created page with "== Server == Pages ID service must implement: * Provide a login page to the user sets a cookie which allows the page to make an XHR request to return an Identity Assertion for ...") |
No edit summary |
||
| Line 1: | Line 1: | ||
= Verified Email Protocol Specification = | |||
The verified email protocol enables a Web site to request an email address belonging to the user associated with the current browser session. The email address is delivered (after user consent) inside a cryptographically signed document called an ''identity assertion'', which the Web site's servers can use to verify ownership of the email. Verification can also be delegated to a trusted 3rd party, allowing the Web site to be written without any specialized cryptographic code beyond SSL. | |||
== Terms == | |||
;identity | |||
An email address which identifies a user in a universally-recognizable way. | |||
;identity assertion | |||
A cryptographically signed document which proves to a particular audience that the current browser session is associated with an identity. | |||
;primary authority | |||
The service from whom a user acquires an email address. The primary authority may create assertions about any identity in their domain. | |||
;secondary authority | |||
A 3rd party service trusted by a Web site to issue identity assertions on behalf of a service which has not yet deployed infrastructure to issue identity assertions on their own. | |||
== Server == | == Server == | ||