X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/b514b8d2af71ca14bd0cbc895d41ed9fa30234b4..9ff1edb5b986be7fded254127c1e4893c036ec3c:/doc/todo/BrowserID.mdwn diff --git a/doc/todo/BrowserID.mdwn b/doc/todo/BrowserID.mdwn index f45ac34b8..04a9166a8 100644 --- a/doc/todo/BrowserID.mdwn +++ b/doc/todo/BrowserID.mdwn @@ -2,10 +2,10 @@ Please consider providing a plugin for [BrowserID](https://browserid.org/) authe Some additional information on BrowserID: -- https://github.com/mozilla/browserid/wiki/How-to-Use-BrowserID-on-Your-Site -- http://identity.mozilla.com/post/7616727542/introducing-browserid-a-better-way-to-sign-in -- http://identity.mozilla.com/post/7669886219/how-browserid-differs-from-openid -- http://identity.mozilla.com/post/7899984443/privacy-and-browserid +- +- +- +- > I would like to see BrowserID offered as a signin option in ikiwiki > right next to the buttons for common openid providers. @@ -17,16 +17,9 @@ Some additional information on BrowserID: > And it means that relying on a https > connection to browserid.org to verify the user's identity assertion > token is out. (Well, it's probably out anyway, since it relies on https -> CA security as the only security in that part of the protocol. I'm not -> impressed by the documention using *curl* for this, which won't even -> validate the certificate AFAIK; and I don't trust https to random SPoF sites -> for security.) +> CA security as the only security in that part of the protocol.) > > This seems to need an implementation, in perl or an externally callable > program (haskell would be fine ;), -> of . -> The documentation of which is .. two cellphone snaps of a whiteboard? -> There is some kind of standalone verifier, but I have not found -> the part of the code that actually does the crypto. -> +> of . > --[[Joey]]