Firefox Accounts on Firefox OS
rfkelly at mozilla.com
Wed Oct 16 16:58:10 PDT 2013
On 16/10/2013 8:25 PM, Lloyd Hilaiel wrote:
> Jedp and I are spending time together in Bulgaria, and the topic is how
> do we implement Firefox Accounts in FirefoxOS.
> We wanted to figure out enough of an architectural direction to unleash
> folks in madrid.
To add my own +1 here: super excited to see this coming together, go team!
> Initial concrete target: logging into 123done.org <http://123done.org>
> on device should use firefox accounts.
Can you run through what this would mean in concrete terms, from a
user-experience point of view and in terms of information flow?
I *think* I can intuit it from the details in the high-level
"fxa-on-fxos" etherpad, but having it spelled out explicitly would be
My concern here: in the past we've made a distinction between
signin-to-web and signin-to-device, with persona providing the former
and fxaccounts providing the latter.
But 123done.org is a website :-)
So what does it mean for a login here to "use firefox accounts"? My
* User authenticates to FxA on FTU, gets a persistent session
as "user at example.com".
* User goes to 123done.org, clicks signin button.
* Device sees that it's authenticated to FxA, offers to signin
with "user at example.com" identity.
* User clicks "yes"
* Device generates an assertion for "user at example.com", backed
by a certificate from FxA, and delivers it to 123done.org.
* 123done.org accepts the assertion because it has opted-in to
trusting FxA as a secondary authority.
Does that match up with your current thinking?
More information about the Sync-dev