BigTent
A ProxyIdP service for bridging major IdPs that lack support for the BrowserID protocol.
No user data is stored except the user's email address, which is kept in a secure session in a cookie in the user's browser.
Architecture
The BigTent service will be a new service that looks like Vinz Clortho, or Mozilla IdP. BrowserID currently understands *primary* and *secondary* email addresses. A new class, *proxy*, will be added for a whitelist of TLDs:
- gmail.com
- yahoo.com
- hotmail.com
When a user enters a proxy email address, instead of being processed like a secondary, they will be authenticated via BigTent. The user will see an OpenID, OAuth, or other third-party screen hosted by their email provider which asks if they wish to log in to browserid.org. If they agree, we'll get confirmation that they own that email address and we'll issue assertions on their behalf.
The issuer for these certificates will be bigtent.
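One way to enforce the routing described above is to classify an address by exact domain match and accept the bigtent issuer only for the proxy class. This is an added example, not code from the browserid-bigtent repo. Assumptions: the function names, the `hasPrimarySupport` flag, the `browserid.org` secondary issuer name, and checking primary support before the proxy list.

```javascript
// Added illustration, not code from browserid-bigtent.
const PROXY_DOMAINS = new Set(['gmail.com', 'yahoo.com', 'hotmail.com']); // list from this page
const PROXY_ISSUER = 'bigtent';           // the page names the issuer only as "bigtent"
const SECONDARY_ISSUER = 'browserid.org'; // assumption: issuer name for secondary addresses

// Return the lowercased domain of an address, or null if it is malformed.
function emailDomain(email) {
  if (typeof email !== 'string') return null;
  const at = email.lastIndexOf('@');      // last '@', so quoted local parts cannot shift the split
  if (at < 1 || at === email.length - 1) return null;
  const domain = email.slice(at + 1).toLowerCase();
  // Rejects whitespace, empty labels and a trailing dot.
  return /^[a-z0-9-]+(\.[a-z0-9-]+)+$/.test(domain) ? domain : null;
}

// hasPrimarySupport is a hypothetical flag: true when the domain runs its own IdP.
function classifyEmail(email, hasPrimarySupport) {
  const domain = emailDomain(email);
  if (domain === null) return null;
  if (hasPrimarySupport) return 'primary';
  // Exact match only: "gmail.com.example.net" and "notgmail.com" are not proxy domains.
  return PROXY_DOMAINS.has(domain) ? 'proxy' : 'secondary';
}

// The only issuer that should be accepted for this address, or null if none.
function expectedIssuer(email, hasPrimarySupport) {
  switch (classifyEmail(email, hasPrimarySupport)) {
    case 'primary': return emailDomain(email);
    case 'proxy': return PROXY_ISSUER;
    case 'secondary': return SECONDARY_ISSUER;
    default: return null;
  }
}

function issuerAllowed(email, issuer, hasPrimarySupport) {
  const expected = expectedIssuer(email, hasPrimarySupport);
  return expected !== null && issuer === expected;
}

// Constructed sample inputs: [address, issuer on the certificate, hasPrimarySupport]
for (const [email, issuer, primary] of [
  ['alice@gmail.com', 'bigtent', false],
  ['alice@gmail.com.example.net', 'bigtent', false],
  ['bob@example.org', 'bigtent', false],
]) {
  console.log(email, issuer, issuerAllowed(email, issuer, primary));
}
```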
Codebase
Provisional repo is at https://github.com/ozten/browserid-bigtent
Domain Name
TBD. This should be invisible to end users.
Project Management
Schedule
- 4/25 - 5/9 Development Sprint
- 5/9 - AWSBOX Deployment
- After AWSBOX Deployment - Skinny to do UX review
- 5/9 - 5/23 Dev sprint for "First IdP reworked to skinny's satisfaction"
- 5/9 - 5/23 All IdP proxies alpha deployed on AWSBOX
- ? Stage deployment
- ? Testing begins
- 5/23 - 6/6 Production deployment of all proxied IdPs
Bugs
- bug 742818 - Privacy / Legal Review
- bug 742809 - Security Review