A ProxyIdP service for bridging major IdPs who lack support for the BrowserID protocol.
No user data is stored, except their email address which is stored in a secure session in a cookie in the user's browser.
Initial launch will target yahoo.com email addresses. Follow up releases can enable other popular email providers.
The BigTent service will be a new service that looks like Vinz Clortho, our Mozilla IdP. BrowserID currently understands *primary* and *secondary* email addresses. A new class *proxyidp* will be added for a whitelist of TLDs.
When a user enters a proxy email address, instead of being processed like a secondary, they will be authenticated via BigTent. The user will see an OpenID, OAuth, or other 3rd party screen hosted by their email provider which asks if they wish to log in to browserid.org. If they agree, we'll get confirmation that they own that email address and we'll issue assertions on their behalf.
The issuer for these certificates will be bigtent.
Play with BigTent! The Persona dev environment is BigTent enabled for yahoo.com and gmail.com.
- Dev dev.123done.org
- Stage TBD
- Prod TBD
- 4/25 - 5/9 Development Sprint
- 5/9 - AWSBOX Deployment
- After AWSBOX Deployment - Skinny to do UX review
- 5/9 - 5/23 Dev sprint for "First IdP reworked to skinny's satisfaction"
- 5/9 - 5/23 Dev sprint for all IdP proxies alpha deployed on AWSBOX
- 5/15 Testing against awsbox deployment
- 7/16 - Legal review for Yahoo.com completed
- 9/15 - Security Review completed
- 9/18 - All Legal bugs closed
Around June We hit a bottleneck on Ops resources to focus on Beta launch.
- TBD Stage deployment
- TBD Testing against Stage
- TBD Security testing on Stage
- TBD Production deployment of all proxied IdPs
See dependent bugs for a complete list of open bugs