Labs/Identity/VerifiedEmailProtocol: Difference between revisions

Jump to navigation Jump to search

Labs/Identity/VerifiedEmailProtocol (view source)

Revision as of 17:30, 25 March 2011

140 bytes added ,  25 March 2011
→‎The really short version
No edit summary
Line 9: Line 9:
= The really short version =
= The really short version =


This proposal defines a way for a user to prove to a website that they control an email address. It does not require that email providers support the system, but provides a better experience and more control if they do. Since most user logins have an email-based password reset option, this system is effectively a universal login system for most of the web; websites that have stronger login requirements are free to use them, and have a more secure way to federate their logins to other sites.
The goal of this proposal is to provide a very simple web-centric binding to a well-understood identity token.


The goal of this proposal is to provide a very simple web-centric binding to a well-understood identity token.
Specifically: this proposal defines a way for a user to prove to a website that they control an email address.
 
It does not require that email providers support the system, but provides a better experience and more control if they do. Since most user logins have an email-based password reset option, this system is effectively a universal login system for most of the web; websites that have stronger login requirements are free to use them, and have a more secure way to federate their logins to other sites.  It provides more control over the duration and scope of a user login than is currently available in browser-based systems.


= Introduction=  
= Introduction=  
Mhanson
348

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/294001"

Navigation menu