History and motivations
- it uses email addresses as identifiers
- it is more focused on privacy
- is intended to be fully integrated in the browser.
The privacy goal is motivated by the fact that the identity provider does not know which website the user is identifying. It was first released in July 2011 and fully deployed by Mozilla on its own websites in January 2012.
Principles and implementation
Persona was inspired by the VerifiedEmailProtocol. which is now known as the BrowserID protocol. It uses any user email address to identify its owner. This protocol involves the browser, an identity provider, and any compliant website.
The browser, the provider and the website
The browser stores a list of user verified email addresses, and demonstrates the user's ownership of the addresses to the website using cryptographic proof.
Mozilla announced "Identity Bridging" support for Persona in July, 2013: As they describe on their blog: "Traditionally...Mozilla would send you an email and ask you to click on the confirmation link it contained.With Identity Bridging, Persona learned a new trick; instead of sending confirmation emails, Persona can ask you to verify your identity via your email provider’s existing OpenID or OAuth gateway." This announcement included support for existing users of the Yahoo Mail service. In August 2013, Mozilla announced support for Identity Bridging with all Gmail accounts. They wrote in this additional announcement that "combined with our Identity Bridge for Yahoo, Persona now natively supports more than 700,000,000 active email users. That covers roughly 60-80% of people on most North American websites." 
Persona can be implemented by CMSs such as Drupal, Serendipity, WordPress, Tiki or SPIP. There is also support for Persona in the Phonegap platform (used for compiling HTML5 apps into mobile apps). Mozilla provides its own Persona server at persona.org. It is also possible to set up your own Persona identity provider, providing federated identity.
- "Persona", Mozilla Developer Network (MDN) (Mozilla), retrieved 2013-02-10
- Persona: Connect with Mozilla Persona, the safest & easiest way to sign in., Mozilla, retrieved 2013-02-10
- "Introducing BrowserID: A better way to sign in", Mozilla Identity team (Mozilla), 2011-07-14, retrieved 2013-02-10
- Ben Adida <benadida> (2011-07-15), "How BrowserID differs from OpenID", Mozilla Identity team (Mozilla), retrieved 2013-02-10
- Leyden, John (2012-01-20), Mozilla pushes browser-based alternative to passwords, The Register, retrieved 2013-02-10, "Give us your keys to look after, we're lovely"
- "Verified Email Protocol: Overview and Introduction", Mozilla Wiki (Mozilla), retrieved 2013-02-10
- How BrowserID Works, lloyd's blog, 2011-07-01, retrieved 2013-02-10
- "Glossary - "Persona" vs. "BrowserID"". Mozilla Developer Network. [Mozilla]. 2012-11-26 (update). Retrieved 2013-02-10.
- "What is an Identity Bridge?" July 26, 2013
- "Mozilla Makes Signing in Easy for Gmail Users," August 8th, 2014
- <Drupal module> Mozilla Persona (BrowserID), Drupal, 2011-07-15, retrieved 2013-02-10, "Brought to you within 24 hours of the BrowserID announcement"
- "Serendipity: Backend: Usermanagement plugins". Serendipity Weblog System (a PHP based CMS). Serendipity. Retrieved 2013-02-10.
- couchbaselabs / cordova-browserid, retrieved 2013-03-13, " Mozilla Persona (aka BrowserID) and PhoneGap / Cordova, together at last."
- "Implementing a Persona IdP". Retrieved 10 March 2013.
- Ting implements Mozilla Persona, Ting.com, retrieved 2013-03-13
- Mozilla Persona: About, Mozilla, retrieved 2013-03-13
|This security software article is a stub. You can help Wikipedia by expanding it.|