More on data formats

Chris Karlof ckarlof at mozilla.com
Mon Nov 25 18:17:19 PST 2013


Regarding how we signal the subject of the certificate, here's a summary of where we're at:

For Persona certificates:

sub: <user's email address>
email: not used

For FxA certificates:

sub: <FxA user id as a uuid>
email: <verified email address supplied by user during signup>

Regarding how we represent the email/uid in the sub, since JWT allows StringOrURI in the sub, we discussed using URIs to make the implied semantics more explicit. For example, for FxA certificates, the sub could be "urn:uuid:<FxA uid>", and for Persona certificates the sub could be "mailto:<user's email address>".

Thoughts?

-chris


On Nov 25, 2013, at 2:53 PM, Dirkjan Ochtman <dirkjan at ochtman.nl> wrote:

> Today's meeting notes:
> 
> https://id.etherpad.mozilla.org/persona-fxa-and-native
> 
> Cheers,
> 
> Dirkjan
> _______________________________________________
> Dev-fxacct mailing list
> Dev-fxacct at mozilla.org
> https://mail.mozilla.org/listinfo/dev-fxacct




More information about the Dev-fxacct mailing list