Hi, I'm the Mozilla intern that developed this and would really love some feedback! It's super-experimental right now, but feel free to try it out! I plan to release a more formal post later once some more bugs are squashed.
First of all, project looks great! Haven't had a chance to try it yet, but I've been impressed with other WebRTC demos, including http://vmux.co which is similar but uses Twitter to authenticate.
My slightly less positive feedback would be, it seems dodgy that it uses personatest.org instead of persona.org (and there's no website at www.personatest.org verifying its legitimacy). Kind of makes me anxious that I'm being phished. Any reason for this? You surely don't want people getting used to entering their Persona credentials at sites other than persona.org.
Persona required some changes to the code that have not yet landed in production, i.e. on login.persona.org, so we are using personatest.org for preliminary testing :)
Is there a source package for this? I already run my own Persona identity provider and wouldn't mind rolling this out for my family or for my workplace on servers I own.
Hm, Persona (or browserid) is advertised as a decentralized solution to replace passwords with a centralized backup running on Mozilla's servers. To avoid exactly what happens to me now when I click on the "Sign in with email" button:
----------------------
Error
We are very sorry. The server is under extreme load!
Please close this window and try again.
Action: Checking if Cookies are Enabled
Now: Thu, 29 Aug 2013 06:03:47 GMT
Network Info: GET: /wsapi/session_context
Response Code - 503
Response Text: server is too busy
Error Type: server is too busy
----------------------
Just two days ago I tried to install everything so I could be my own browserid provider. Turns out that is not really easy (yet). Even if I got quite a bit and was able to run https://github.com/mozilla/browserid-certifier on my server, I never was able to talk to it via curl (the example they have just crashes it) or from a PHP script (I always got a 400 Bad Request). That is mostly because I didn't get what "pubkey - Object compatible with JWT public keys." should look like.
In the end, after a day's work I gave up because it was already way after midnight. I hope in the future there will be a single-file PHP script which I could call from the HTML pages I need to provide which would do all the signing, etc. for one-person browserid providers like I want to become.
Also, the reason the server is busy is because Tin Can currently needs a forked version of Persona, so it's not running on the production infrastructure.
Tried signing in with a gmail account and it wanted me to create a password. The gmail bridge seems to be functioning normally at persona.org, so what's the deal?
Tin Can is currently an experimental project. The login is currently using personatest, which is running an older version. I'm not too sure what the status is (I'm a friend of the author) right now with integrating this into persona.
(Identity team member here.) Yes, that's right. tincan is running against an ephemeral instance of Persona that doesn't do the account bridging, and doesn't share a database with the real persona.org. We do plan to integrate this with Persona. Also, while I think this is an awesome use case for Persona, and we do intend to land it in Firefox [1], it's worth noting that the proposed webrtc idp proxy architecture [2] is designed to work with any identity provider, not just Persona, and could be incorporated into any browser.
This is also why people should hire Ryan Seys when he's done with university. Oops - I didn't just say that! Hopefully he'll be coming back to Mozilla :)
I am sorry! It is likely due to WebRTC's inability to connect to others when difficult NATs get in the way. TURN servers can mitigate this but Tin Can is not set up to use a TURN server (yet).