Identity/BrowserID/BigTent

From MozillaWiki
Jump to: navigation, search

BigTent

A ProxyIdP service for bridging major IdPs who lack support for the BrowserID protocol.

No user data is stored, except their email address which is stored in a secure session in a cookie in the user's browser.

Initial launch will target yahoo.com email addresses. Follow up releases can enable other popular email providers.

Architecture

The BigTent service will be a new service that looks like Vinz Clortho, our Mozilla IdP. BrowserID currently understands *primary* and *secondary* email addresses. A new class *proxyidp* will be added for a whitelist of TLDs.

  • gmail.com
  • yahoo.com
  • hotmail.com

When a user enters a proxy email address, instead of being processed like a secondary, they will be authenticated via BigTent. The user will see an OpenID, OAuth, or other 3rd party screen hosted by their email provider which asks if they wish to log in to browserid.org. If they agree, we'll get confirmation that they own that email address and we'll issue assertions on their behalf.

The issuer for these certificates will be bigtent.

Environments

Play with BigTent! The Persona dev environment is BigTent enabled for yahoo.com and gmail.com.

Test Plan

Test Plan

Codebase

browserid-bigtent on github

Domain Name

yahoo.login.persona.org

Project Management

Current Status

Project Status Etherpad

Schedule

  • 4/25 - 5/9 Development Sprint
  • 5/9 - AWSBOX Deployment
  • After AWSBOX Deployment - Skinny to do UX review
  • 5/9 - 5/23 Dev sprint for "First IdP reworked to skinny's satisfaction"
  • 5/9 - 5/23 Dev sprint for all IdP proxies alpha deployed on AWSBOX
  • 5/15 Testing against awsbox deployment
  • 7/16 - Legal review for Yahoo.com completed
  • 9/15 - Security Review completed
  • 9/18 - All Legal bugs closed

Around June We hit a bottleneck on Ops resources to focus on Beta launch.

  • TBD Stage deployment
  • TBD Testing against Stage
  • TBD Security testing on Stage
  • TBD Production deployment of all proxied IdPs

Bugs

See dependent bugs for a complete list of open bugs

Get Involved