BrowserID has other advantages over OpenID. It has a big privacy advantage: with OpenID, your OpenID provider is informed of every site you log into, every time you log into it. It's like the government being informed every time you present your driver's license as ID. (Actually worse, since the ID provider can selectively deny authentication on a site by site basis.)
With BrowserID an ID provider can at most deduce (via its key being fetched) that *some* unspecified user is logging into a particular site, and because the key is cached this notification only happens once in a while (e.g. every 12 hours).
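The flow the comment above describes, as an added example (not code from this thread or from Mozilla's Persona implementation): a toy BrowserID chain in Python in which the identity provider signs a certificate binding the user's browser key to an address, the browser signs an audience-bound assertion, and the relying party verifies both after fetching and caching the provider's public key. Textbook RSA on 512-bit keys, the `DNS` dictionary, the `.test` origins and the `alice@example.com` address are stand-ins constructed for the example; the real protocol uses JSON Web Tokens and fetches `/.well-known/browserid` over HTTPS. The provider's `key_fetch_log` shows what it actually learns: which sites fetched its key, never who logged in.

```python
import hashlib
import json
import random
import time

DNS = {}  # constructed stand-in for fetching https://<domain>/.well-known/browserid

def _is_probable_prime(n, rounds=10):  # Miller-Rabin; toy RSA stands in for Persona's RS256
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True
def _gen_prime(bits):
    while True:
        c = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(c):
            return c
def keygen(bits=512):  # textbook RSA, no padding: NOT for real use, only to make the chain runnable
    e = 65537
    while True:
        p, q = _gen_prime(bits // 2), _gen_prime(bits // 2)
        if p != q and (p - 1) * (q - 1) % e:
            break
    return {"n": p * q, "e": e}, {"n": p * q, "d": pow(e, -1, (p - 1) * (q - 1))}
def _digest(payload):  # canonical JSON -> SHA-256 as an integer, always < n for 512-bit keys
    return int.from_bytes(hashlib.sha256(json.dumps(payload, sort_keys=True).encode()).digest(), "big")
def sign(priv, payload):
    return pow(_digest(payload), priv["d"], priv["n"])
def verify(pub, payload, sig):
    return pow(sig, pub["e"], pub["n"]) == _digest(payload)

class IdentityProvider:
    def __init__(self, domain):
        self.domain, (self.pub, self._priv) = domain, keygen()
        self.key_fetch_log = []  # the only traffic a relying party ever sends us
    def well_known_key(self, fetched_by):
        self.key_fetch_log.append(fetched_by)
        return dict(self.pub)
    def issue_certificate(self, email, user_pub, ttl=3600):
        # Issued after the user logs in to us: binds their browser key to their address.
        cert = {"iss": self.domain, "email": email, "public-key": user_pub, "exp": int(time.time()) + ttl}
        return {"payload": cert, "sig": sign(self._priv, cert)}

class Browser:
    def __init__(self, email, idp):
        self.pub, self._priv = keygen()
        self.cert = idp.issue_certificate(email, self.pub)  # obtained once, reused for every site
    def assertion_for(self, audience, ttl=120):
        a = {"aud": audience, "exp": int(time.time()) + ttl}
        return {"certificate": self.cert, "assertion": {"payload": a, "sig": sign(self._priv, a)}}

class RelyingParty:
    def __init__(self, origin, cache_ttl=12 * 3600):
        self.origin, self.cache_ttl, self._keys = origin, cache_ttl, {}
    def _idp_key(self, domain):
        pub, until = self._keys.get(domain, (None, 0))
        if until <= time.time():  # contact the IdP only when the cached key has expired
            pub = DNS[domain].well_known_key(self.origin)
            self._keys[domain] = (pub, time.time() + self.cache_ttl)
        return pub
    def verify(self, bundle):
        cp, ap, now = bundle["certificate"]["payload"], bundle["assertion"]["payload"], time.time()
        domain = cp["email"].rsplit("@", 1)[1]
        if cp["iss"] != domain or not verify(self._idp_key(domain), cp, bundle["certificate"]["sig"]):
            raise ValueError("certificate not issued by the address's own domain")
        if ap["aud"] != self.origin:
            raise ValueError("assertion was made for another site (replay)")
        if cp["exp"] < now or ap["exp"] < now:
            raise ValueError("certificate or assertion expired")
        if not verify(cp["public-key"], ap, bundle["assertion"]["sig"]):
            raise ValueError("assertion not signed by the certified key")
        return cp["email"]

def demo():
    DNS.clear()
    DNS["example.com"] = idp = IdentityProvider("example.com")
    alice = Browser("alice@example.com", idp)
    shop, forum = RelyingParty("https://shop.test"), RelyingParty("https://forum.test")
    logins = [shop.verify(alice.assertion_for("https://shop.test")),
              shop.verify(alice.assertion_for("https://shop.test")),  # second login: key cached, IdP not contacted
              forum.verify(alice.assertion_for("https://forum.test"))]
    try:
        forum.verify(alice.assertion_for("https://shop.test"))  # assertion made for shop replayed to forum
        replay_rejected = False
    except ValueError:
        replay_rejected = True
    return {"logins": logins, "idp_saw": list(idp.key_fetch_log), "replay_rejected": replay_rejected}
```

Run `demo()`: three logins succeed, the provider's log holds only the two site origins (one fetch each, the repeat login at the shop is served from the cache), and the assertion bound to one audience is refused by the other. The relying party, by contrast, does learn the address, which is the tracking point raised later in the thread.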
Posted Oct 4, 2012 9:39 UTC (Thu) by alankila (subscriber, #47141)
This is an excellent point. I agree that this change turns me far more enthusiastic about Persona, because there is no real reason for openid provider to know about the sites I visit.
Mozilla "Persona" beta release
Posted Oct 8, 2012 3:43 UTC (Mon) by ras (subscriber, #33059)
> It has a big privacy advantage: with OpenID, your OpenID provider is informed of every site you log into, every time you log into it.
Yes, this is true. But OpenID implemented well reveals nothing about you to the site you are logging into. They just get a nonce. And while it is true your OpenID provider does get to see your login, you can choose your OpenID provider and chain them.
Persona also has a big disadvantage: it uses the same unique user name for every site. So if sites cooperate they can track your movements without your knowledge.
So they both have bad sides. I think Persona's is worse. While it is true my OpenID provider does get to see all my logins, I get to choose my OpenID provider. I could even set up my own provider, if I so choose. But if, say, I want to use Twitter with Persona, then I don't have the choice of choosing some other "Twitter provider" because I trust them more with my email address.
This was a really odd design choice by the Persona developers. I can't understand why they designed an auth protocol that forces you to remember any identifier (or "principal" in the parlance used by the Persona spec) - be it an email address or anything else. The association should be between one meaningless nonce and another, nothing more. If the use case then warrants tying other data to that association, like an email address, name, phone number or whatever, then that's fine, but the protocol shouldn't force that onto you.
Mozilla "Persona" beta release
Posted Oct 8, 2012 4:05 UTC (Mon) by Cyberax (✭ supporter ✭, #52523)
Well, since OpenID uses a URL as an identifier, then it can be used to track you just as easily.
And Persona doesn't preclude the use of ephemeral names like N123123@nopersona.org (which I've just registered) to make tracking more complex.
I mostly see the unified name as a feature, not a bug.
Mozilla "Persona" beta release
Posted Oct 8, 2012 4:18 UTC (Mon) by ras (subscriber, #33059)
> since OpenID uses a URL as an identifier, then it can be used to track you just as easily.
Not so.
Yes, it uses a URL. But as of version 2 a provider can provide the same login URL for all users. Google's implementation does this. I would not use any OpenID provider that didn't do it, which among other things means I wouldn't use any provider who only implements version 1.
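An added illustration (not from the thread) of the per-site identifier ras describes versus the single address Persona hands to every site: a provider that derives a stable pseudonym per (user, site) with an HMAC gives each site a consistent handle for its own users, but two sites comparing their user tables have nothing to join on. The HMAC construction, the secret, the `.test` site names and the user list are constructed for the example; this is a generic pairwise-pseudonym scheme, not any particular provider's implementation.

```python
import hashlib
import hmac

def pairwise_id(provider_secret, user, relying_party):
    # One stable pseudonym per (user, site): the site sees the same value at every login,
    # but the value reveals nothing about the user and differs at every other site.
    msg = f"{user}\x00{relying_party}".encode()
    return hmac.new(provider_secret, msg, hashlib.sha256).hexdigest()

def global_id(user):
    # The alternative the thread objects to: every site receives the same principal (the address).
    return user

def linkable_users(table_a, table_b):
    # What two cooperating sites learn by intersecting the identifiers they each stored.
    return sorted(set(table_a) & set(table_b))

def demo():
    secret = b"constructed-provider-secret"  # constructed for the example, not a real key
    users = ["alice@example.com", "bob@example.com", "carol@example.com"]  # constructed
    shop_global = [global_id(u) for u in users[:2]]       # alice and bob use the shop
    forum_global = [global_id(u) for u in users[1:]]      # bob and carol use the forum
    shop_pairwise = [pairwise_id(secret, u, "shop.test") for u in users[:2]]
    forum_pairwise = [pairwise_id(secret, u, "forum.test") for u in users[1:]]
    return {
        "global_linkable": linkable_users(shop_global, forum_global),        # bob is exposed
        "pairwise_linkable": linkable_users(shop_pairwise, forum_pairwise),  # nothing to join on
        "stable_at_one_site": pairwise_id(secret, "bob@example.com", "shop.test") == shop_pairwise[1],
        "distinct_users_distinct": len(set(shop_pairwise)) == 2,
    }
```

The pseudonym is only as unlinkable as the provider's secret: a provider that leaks or shares it, or that is itself one of the cooperating sites, can recompute the mapping. That is the trade-off the thread circles around, since a user-chosen provider is the one party that has to be trusted either way.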