Services/Sync/Features/BrowserID Authentication: Difference between revisions

Services/Sync/Features/BrowserID Authentication (view source)

73 bytes added , 28 December 2011

m

no edit summary

canmove, Confirmed users

409

edits

@@ Line 12: / Line 12: @@
 |Feature requirements=# New Sync users do not need to explicitly create a Mozilla Services account, but instead create BrowserID accounts (if they don't have one already)
 # HTTP requests to the Sync server are authenticated via something derived from BrowserID, not by the user's original credentials.
-# The HTTP authentication mechanism should be designed in such a way it can be reused by not only additional Mozilla services, but also by random people on the Internet, for both large and small services.
+# The authentication mechanism should be usable outside of Sync, outside of Mozilla, by anybody wishing to add BrowserID authentication to her service.
-|Feature non-goals=This feature does *not* involve changing Sync's data encryption model (currently using a cryptographically secure randomly generated private key for client-side encryption). It only involves changing the mechanism by which new user accounts are handled and how Sync HTTP requests are authenticated.
+# The authentication mechanism cannot be raw BrowserID assertions, as these can be quite large and unsuitable for repeated use.
+|Feature non-goals=This feature does not involve changing Sync's data encryption model (currently using a cryptographically secure randomly generated private key for client-side encryption): it only involves changing the mechanism by which new user accounts are handled and how Sync HTTP requests are authenticated.
 }}
 {{FeatureInfo