Mozilla VerifiedEmailProtocol : Better than OpenId?

Introduction from the above link.

A number of web-scale identity proposals start by creating a new identity token – for example a user ID or personal URL – and go on to describe how to use that token to authenticate the user. What we’ve learned from several years of experience with OpenID (and related protocols) is that this isn’t quite good enough: establishing an identity token, in isolation from the rest of the web, doesn’t actually help a site engage with its users.

This proposal instead focuses on an identity that is universally understood and useful for users and service operators: the email address. Email is already a fully-distributed system, with millions of participating hosts and billions of accounts. It is deeply interdependent with the Domain Name System, which provides a globally-distributed name lookup system. It is understood that a single human may have more than one address, and that an address may represent shared authority between several persons. Email already supports pseudonymous identity, through anonymous remailers. And, most importantly, users understand what an email address represents.

It is understood that “” means that there is a person, here called “alice”, who has agreed to trust “” to test her identity and to act as a secure relay for messages. The fact that we use this identifier only for SMTP mail delivery is an accident of history; there is no reason we can’t bootstrap from this identifier to other protocols (as recent proposal like Webfinger have made clear).


This entry was posted in Uncategorized. Bookmark the permalink.