Most of the Persona criticism you link to is rather old. In the case of the Stack Exchange one, I took the time to point out flaws in the "accepted answer", but the other article also makes a few flawed assumptions. It's easy to find problems when you compare Persona implicitly to an ideal system that doesn't (and never will) exist, but when you dive deep into those problems, things aren't so simple
One thing to point out is that we're not going to get out of the authentication mess with pure HTML solutions. To get a solution that's decent from a privacy and security point of view, we need support from the browser. So yes, Persona as it stands doesn't solve everything that's wrong about authentication on the web (neither does OpenID), but it's only going to improve as native support gets rolled out.
It's intended to be just as decentralized as OpenID, which as you point out, is critical for keeping the web open. We care deeply about that.
Anyways, I think you should take another good look at it If you have any questions: https://www.mozilla.org/about/forums/#dev-identity (or #identity on irc.mozilla.org). You can always email me of course
Actually, there is an LDAP module for Drupal 7, and it's actually quite good! It even seems that the 2.x branch has support for writing to LDAP directories, something that was even hairier in the 6.x LDAP integration module we are currently using.
Something we should probably look at!
Salut Antoine,
Most of the Persona criticism you link to is rather old. In the case of the Stack Exchange one, I took the time to point out flaws in the "accepted answer", but the other article also makes a few flawed assumptions. It's easy to find problems when you compare Persona implicitly to an ideal system that doesn't (and never will) exist, but when you dive deep into those problems, things aren't so simple
One thing to point out is that we're not going to get out of the authentication mess with pure HTML solutions. To get a solution that's decent from a privacy and security point of view, we need support from the browser. So yes, Persona as it stands doesn't solve everything that's wrong about authentication on the web (neither does OpenID), but it's only going to improve as native support gets rolled out.
It's intended to be just as decentralized as OpenID, which as you point out, is critical for keeping the web open. We care deeply about that.
Anyways, I think you should take another good look at it If you have any questions: https://www.mozilla.org/about/forums/#dev-identity (or #identity on irc.mozilla.org). You can always email me of course
François