[jimktrains2]

As someone else pointed out, Mozilla won't have to know once the protocol is more supported. Currently they're acting as a transitionary bridge, not a required element.

Also, iirc, Google doesn't have to know where you're signing in either. I'll have to double check that part.

[StavrosK]

The identity provider/bridge doesn't know either. They sign an assertion, so they know that you want to log in somewhere once, but not where or when.