Browser ID and More in-browser identity (2C)

From IIW

Session Topic: Browser ID (T2C)

Convener: Ben Adida

Notes-taker(s): Sam Curren

Tags for the session - technology discussed/ideas considered:


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

The browser can help.

Developers need an email address.

Users understand email as a persona.

Devs like getting a verified email address.

Devs need to message users.


Going to impliment JSON* specs.

Js back off... Does nothing in the presence of native support.


Central dependancy disappears naturally as browsers add support.


Testing email ownership done currently by browserid.org, done later by email providers.


Eventually, ownership assertions will be short, relying upon webmail sign in to make it easier.


Browserid password is only temporary, till browsers support.


OpenIDComnect might be just as easy to build.

Convergence between these two?


Lets not kill each other for 'not helping the main project'


Js shim for browser support is a good strategy being demonstrate.


Password antipattern, eliminating the password solution.


Recycled email addresses.


Multiple secondaries?

trying to avoid this.


What is the status of browserid browser?

Adoption of primaries is the biggest adoption issue.