668
edits
Changes
→Authenticating Users
=== Authenticating Users ===
A BrowserID-compliant domain MUST provide a user-authentication web flow starting at the URI referenced by the ''authentication'' field in the BrowserID support document. The specifics of the user-authentication flow are up to the domain. The flow MAY use redirects to other pages, even other domains, to complete the user authentication process. The flow SHOULD NOT use ''window.open()'' or other techniques that target new windows/tabs.
=== Certifying Users ===
