Firefox Accounts on Firefox OS

JR Conlin jrconlin at mozilla.com
Thu Oct 17 10:51:22 PDT 2013


On 2013/10/16 4:58 PM, Ryan Kelly wrote:> Can you run through what this
would mean in concrete terms, from a
> user-experience point of view and in terms of information flow?
>
> I *think* I can intuit it from the details in the high-level
> "fxa-on-fxos" etherpad, but having it spelled out explicitly would be
> useful.
>
> My concern here:  in the past we've made a distinction between
> signin-to-web and signin-to-device, with persona providing the former
> and fxaccounts providing the latter.
>
> But 123done.org is a website :-)
>

I'm also a bit curious about this, but for potentially different
reasons. Feel free to tell me shut up if I'm wildly off base.

What sort of information will we be holding for users of Firefox Accounts?

Presuming that FirefoxAccounts is different, or an extension of Persona,
there might be any sort of bits that could be associated with this. Say
a set of public facing bits of data such as the user's preferred name,
icon, location, etc. Naturally, that does equate to PII. There could
also be the potential issue that we'd be able to track users across
sites or other elements of metadata that could potentially be used
against a given user.

I know that persona takes great effort to avoid these sorts of
disclosures when possible. Would the same sort of idea be present for
Firefox Accounts? (e.g. user personalization is provided by the browser
and synced rather than accessed from a central service?)

thanks!


More information about the Sync-dev mailing list