canmove, Confirmed users
409
edits
Services/Sync/Features/BrowserID Authentication: Difference between revisions
Jump to navigation
Jump to search
m
Services/Sync/Features/BrowserID Authentication (view source)
Revision as of 20:42, 28 December 2011
, 28 December 2011add definitions
m (initial) |
m (add definitions) |
||
| Line 9: | Line 9: | ||
The bulk of this feature is to design a mechanism where BrowserID can be utilized to facilitate request authentication, replacing the existing HTTP Basic Auth. | The bulk of this feature is to design a mechanism where BrowserID can be utilized to facilitate request authentication, replacing the existing HTTP Basic Auth. | ||
|Feature users and use cases=When new users sign up for Sync, they log in to BrowserID or are presented an opportunity to sign up for BrowserID. Contrast this with the existing method, where users need to log in or create their Mozilla Services account. | |||
|Feature requirements=# New Sync users do not need to explicitly create a Mozilla Services account, but instead create BrowserID accounts (if they don't have one already) | |||
# HTTP requests to the Sync server are authenticated via something derived from BrowserID, not by the user's original credentials. | |||
# The HTTP authentication mechanism should be designed in such a way it can be reused by not only additional Mozilla services, but also by random people on the Internet. | |||
|Feature non-goals=This feature does *not* involve changing Sync's data encryption model (currently using a cryptographically secure randomly generated private key for client-side encryption). It only involves changing the mechanism by which new user accounts are handled and how Sync HTTP requests are authenticated. | |||
}} | }} | ||
{{FeatureInfo | {{FeatureInfo | ||