My knowledge of Persona's functionality is only passing, but could it take the place of 3rd party social sign in providers like Gigya & Janrain? That is, if Google, Facebook, etc provided Persona endpoints could I use them to login people to $work's website? We're currently using one of the social sign in providers (after trying another) and haven't been entirely happy about the experience. All we really need is a way to authenticate a user and associate them with a user ID in our local database. In a perfect world, I wouldn't have to care whether they were a local , Google+, FB, Twitter, etc user.
> could [Persona] take the place of 3rd party social sign in providers like Gigya & Janrain?
Ideally, yes. One button, any user. No mandatory centralized / trusted third parties.
> if Google, Facebook, etc provided Persona endpoints could I use them to login people to $work's website?
You can actually do that right now. Persona includes a temporary centralized fallback that lets it work for any user, at any domain, right now. The only constraint is that the domain either needs to support Persona (as per the article), or the user needs to be able to receive email at that domain.
> All we really need is a way to authenticate a user and associate them with a user ID in our local database.
Persona is a Very Good Fit for this use case. If you're already storing email addresses for your users, you can implement Persona without making a single schema change. It should take you about an hour to get a proof of concept working.
I gave a 30 minute talk (+15 minutes Q&A) about Persona at PyCon last month: http://pyvideo.org/video/1764/. You might find it helpful in understanding the what, why, and how. I'm also more than happy to help you out personally -- contact info is in my HN profile. Please reach out to me if you have any questions.
We're finishing up work on a new website design, but I'm very interested in pursuing this idea. I'll watch the talk you linked during lunch time today. If I could save the business a 5 figure license fee with an hour's time... it seems like a no brainer to me!
For the moment, we're a Gigya customer but even the base license isn't cheap and don't use (or anticipate using) most of the functionality these 3rd party providers offer. We do use some of the other addons, but even those won't stay around forever either.
Yes, if Google/Facebook/(whatever domain you want) provide Persona endpoints, the user would be redirected to that Persona provider to sign in to your site.
From what I understand, it's exactly the same workflow as Facebook Connect, except it's <each user's Persona/mail provider> Connect.
No, it's not the same thing. When you use Facebook Connect, your browser asks Facebook to provide relevant information to the site you want to sing in. As a result, Facebook knows about which sites you signed in and when.
With Persona, you ask the identity provider to sign a proof-of-identity for you, which the browser stores. Then you can use it to sign in to different sites as long as it's valid(it expires after a certain amount of time for security reasons). Your identity provider wouldn't know which sites you signed in. That's why it's called browser-id.
So yes, the workflow is almost the same, but it's much better for privacy reasons.
I'd really love to get some feedback from you about a service that I am working on (http://www.authic.com). It's similar to Gigya & Janrain, but less about social, more focusing on bringing paid subscription web apps to market faster.
edit: My email is in my profile if you are interested in discussing it off HN. Beta code: authic_beta_testers
This Connection is Untrusted
You have asked Firefox to connect securely to
lukasa.co.uk, but we can't confirm that your
connection is secure.
Normally, when you try to connect securely,
sites will present trusted identification to
prove that you are going to the right place.
However, this site's identity can't be verified.
As suggested above, this is probably because your browser doesn't trust StartSSL. If you don't want to add them to your trusted certs, the same page is available over HTTP as well as HTTPS.
Thank you for being a good web citizen. Times two. First for people a "good person" and using Persona instead of some "innovative" home-rolled email solution or just using Facebook/Twitter auth. And more importantly for the thought-filled write-up. Should be useful.
My knowledge of Persona's functionality is only passing, but could it take the place of 3rd party social sign in providers like Gigya & Janrain? That is, if Google, Facebook, etc provided Persona endpoints could I use them to login people to $work's website? We're currently using one of the social sign in providers (after trying another) and haven't been entirely happy about the experience. All we really need is a way to authenticate a user and associate them with a user ID in our local database. In a perfect world, I wouldn't have to care whether they were a local , Google+, FB, Twitter, etc user.