Web Application Security
creating an open web application security home
BrowserID: System security
February 3rd, 2012 by gdestuynder
With the launch of browserid.org we have been busy reviewing the code and design of BrowserID. However, we also wanted to: Enforce privilege separation at the system level Render the potential security issues in the web app code, and other services running less relevant This is implemented via: Role based access control (RBAC) Enforced by [...]
Securing BrowserID
December 14th, 2011 by yboily
One of the important projects that Mozilla has been building in 2011 is BrowserID, a user-centric identity protocol and authentication service. Significant work has gone into building out and testing the infrastructure and protocol to make sure that it is a robust, open, and simple to adopt authentication scheme. If you want to learn more [...]