Identity/Features/Verified Email Service: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
Line 68: Line 68:


== Designs ==
== Designs ==
API docs:
* [[MozillaID/Spec|Verified Email Protocol]]
* [[MozillaID/InternalSpec|Client API]]


Future API spec (for reference):
* [[Identity/Verified Email Protocol|Verified Email Protocol]]
* [[Labs/Identity/VerifiedEmailProtocol|Verified Email Protocol (Labs)]]
 
Client mockups (for reference):
* [http://people.mozilla.com/~faaborg/files/projects/accountManager/ Are We Pretty Yet? - Account Manager]
* [[MozillaID#UX_Mockups|HTML client mockups]]


== Use Cases ==
== Use Cases ==

Revision as of 00:30, 12 May 2011

Feature Status ETA Owner
Verified Email Service Blocking on certificate flow (protocol) 2011.05.10 Dan Mills

Summary

Backend service that implements a "Secondary Authority", allowing sites to implement the Verified Email Protocol on their sites and users to sign into those sites by using e-mail addresses verified by Mozilla.

This service leverages our existing Firefox Sync accounts, turning them into more general Firefox Accounts.

Related features:

Team

Who's working on this?

  • Feature Manager: Dan Mills
  • Lead Developer: JR Conlin
  • Product Manager: Dan Mills
  • QA: TBD
  • UX: Chris Howse
  • Security: Michael Coates
  • Privacy: Sid Stamm

Release Requirements

Item Bug Status
Service uses Firefox Sync IDs as its auth backend - -
API for clients to issue Verified Email assertions - -
API for clients to create new accounts (without necessarily provisioning Sync) - -
API for clients to add/remove email addresses to/from an existing account - -
API for clients to send/re-send verification emails - -
API for clients to list verified/pending emails - -
Service implements APIs for verifying identity assertions (for sites) - -
Service remembers which emails have been used on each RP - -

Next Steps

Open Issues

Related Bugs & Dependencies

Designs

Use Cases

Test Plans

Goals

  • Implement a "Secondary Authority" -- a service which issues Mozilla-signed identity assertions to other sites. These assertions are for email addresses we have verified as belonging to the user
  • Users can verify any email address they wish, and any number of them
  • Implement a "Secondary Verifier" -- a service able to verify identity assertions for other sites via a server-to-server API
  • Implement all APIs necessary to build the HTML and Firefox-native clients
  • Build towards a fully distributed Verified Email system down the road (see Labs' Verified Email protocol)

Non-Goals

  • Integrating with/implementing non-Verified Email auth protocols
    • including HTTP Auth, forms-based sign-in, OpenID, OAuth, etc.
  • Implementing fully de-centralized Verified Email support
  • Support for other profile information (we'll do this potentially in the future)

Other Documentation

Legend (remove if you like)

  Healthy: feature is progressing as expected.
  Blocked: feature is currently blocked.
  At Risk: feature is at risk of missing its targeted release.
ETA Estimated date for completion of the current feature task. Overall ETA for the feature is the product release date.
Retrieved from "https://wiki.mozilla.org/index.php?title=Identity/Features/Verified_Email_Service&oldid=307695"