Building Persona: federated and privacy-sensitive identity for the Web

A session at linux.conf.au 2013

Friday 1st February, 2013

2:15pm to 3:00pm (EST)

Identity systems on the Web are a bit of a mess. Surely in 2012, we would have something else than usernames and passwords for logging into websites. A solution that doesn't require trusting a central authority with a privacy policy that can change at a whim.

It turns out that solving the general identity problem is very hard. Some of these solutions require complicated redirections, an overwhelming amount of jargon and lots of verbose XML. The technology has been around for a long time, but implementing it properly (and safely) is often incredibly difficult. It's a lot to ask of the millions of part-time developers out there that are building sites out of some quick HTML, a MySQL database and some PHP code samples.

This talk will explore the challenges of the existing Web identity solutions and introduce the choices that we made during the development of Persona (formerly BrowserID), a new Open Source federated identity solution from Mozilla, designed and built to respect user privacy.

It will cover:

  • a quick overview of existing identity systems on the Web
  • a discussion of the complexities and privacy-related concerns that existing identity solutions have
  • the cryptographic protocol behind Persona (including how crypto is used to provide both authentication and privacy, even from your identity provider)
  • the Persona federation approach: fully distributed with fallbacks
  • demos and actual code from sites that have implemented Persona
  • the basics of the Persona API so that attendees can go out and support this technology on their own sites without much trouble

Identity is a very significant piece of Internet infrastructure and so it is critical that the solution that gets widely adopted be free-as-in-freedom, distributed and ruthlessly focused on making it easy for developers and end-users.

About the speaker

This person is speaking at this event.
François Marier

Passionate about decentralization and software freedom. Security & privacy engineer at Mozilla.

Coverage of this session

Sign in to add slides, notes or videos to this session

linux.conf.au 2013

Australia Australia, Canberra

28th January to 2nd February 2013

Tell your friends!


Time 2:15pm3:00pm EST

Date Fri 1st February 2013

Short URL


Official event site


View the schedule



See something wrong?

Report an issue with this session