More on data formats
lukeh at padl.com
Tue Nov 26 16:13:24 PST 2013
On 27 Nov 2013, at 10:59 am, Ryan Kelly <rfkelly at mozilla.com> wrote:
> My understanding was that we hoped the distinction between "BrowserID
> Verifier" and "FxA Verifier" would go away, and leave us with a single
> instance of "The Verifier".
> Is this still a goal, and does the proposed assertion format make it
> easier or harder?
Are FxA assertions ever going to be consumed by non-Mozilla RPs? If so, there's an argument for putting the UUID in a separate JWT claim from that containing the email*, so they are still verifiable BrowserID assertions.
Forgive me if this has been covered before.
* by email address, I mean RFC822-like account identifier
More information about the Dev-fxacct