[m_eiman]

no exposure to identity provider

That's not quite true, is it? The documentation says I need to verify the user's identity by calling e.g. browserid.org/verify…

[sandeepshetty]

"NOTE: You may choose to validate assertions on your own server. While a bit more complicated you can reduce your dependencies on others. Refer to the specification and the source for the reference validator."

- https://github.com/mozilla/browserid/wiki/How-to-Use-Browser...

[thristian]

The documentation also says "NOTE: You may choose to validate assertions on your own server. While a bit more complicated you can reduce your dependencies on others. Refer to the specification and the source for the reference validator."

[Groxx]

Doesn't that make you the identity provider, who you must identify yourself to? That sounds pretty similar to running your own OpenID server.