Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

The Mozilla statement notes that having e-mail providers vouch for a user’s identity, and storing the necessary certificate in the browser for any site to check, “is the key to making BrowserID decentralized.”

No information is being passed to other parties beyond what’s necessary, and the user doesn’t have to rely on a third-party website. Mozilla points out that if users rely on one particular social network to log in to many different sites, switching to another social network becomes problematic.

For BrowserID to take off, websites will have to adopt it. Mozilla has provided code that websites can drop in if they want to use BrowserID. Mozilla also provides a free verification service that checks certificates and handles verification e-mails. Websites could also choose to run their own verification servers.

The project is designed using JavaScript and HTML5, technologies common to all modern browsers, including mobile browsers. Mozilla says it intends to make BrowserID a Firefox add-in, and says the foundation would work with other browser vendors who wanted to build the system into their products.

“I think ID should eventually be baked into the browser,” as Mozilla is doing, says Terrell Russell, cofounder of an online identity-management system called ClaimID. “I think it should come with controls for anonymity, of course, but it is the right place for identity information to be managed.”

Russell expects people to begin moving away from identity providers such as Facebook Connect, especially as they grow more concerned about how Web companies are using their private information.

Mozilla is trying to give people the same benefits, Russell says, but BrowserID is “something people can control and understand a little better.” This is because users can delete information from their own browsers easily, but they cannot necessarily track or delete information held by third-party providers.

6 comments. Share your thoughts »

Credit: Mozilla

Tagged: Web, security, privacy, Web 2.0, browsers, identity

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me