I can't speak for ASP.NET
I give up. What is so special about Persona???
And ASP.NET provides something virtually identical as its means of user authentication.
Personally, I would trust my home-grown version more, simply because I wrote it and I *know* that it doesn't have some back door in it that is sending all my user's email addresses and passwords to some central site for collection and later use in Phishing or worse attacks
as that is a Microsoft system, and I'm using Linux.
If it's secure then fine.
The question re Persona being special
is most relevant to those entering website development, and those who are already established, but never mastered the aspects of secure login.
When I read the piece here (1146 brownie points req 15 points to vote):
It was immediately apparent that the vast majority of site developers would not be able to come close to this level of security.
I'm sure that basket statement does not include many of the senior programmers on this site, but I'm confident the statement stands and is generally applicable.
Persona deals with many of the problems
by removing the password, and encrypting it within ones browser ie. using two browsers, one registers twice.
The ID/email address verification is handled by Mozilla.
Clearly one then must put ones trust in Mozilla re the verification process (sending emails correctly), but they do not hold the passwords.
The passwords are held individually, meaning that there can be no mass break-in, grabbing passwords associated with account data.
Is this special vis a vis OAuth, or OpenID, or the Microsoft system?
I don't know...... but it certainly seems to make sense.
The developer now no longer needs to manage ID verification, nor store passwords.
This definitely makes life easier for the developer.
Is that a good thing?
Well.... if it works, and increases user security, then surely it must be good.
But it is a serious question.
Is that a good thing?
Am I barking up the wrong tree here?
But assuming it is good..... the real advantage must then be for new site developers, who can quickly and easily gain a secure login system, in face of their other option, which is that they have little or no chance of gaining a secure system.
I mentioned on a previous post how, searching for 'secure login script', takes you into a morass of well meaning uploads, many of which being outdated etc.
Therefore it seems clear to me, that by providing well thought through 'mysql integration', the Persona login script becomes absolutely ideal as a website plugin.
There would be no need to stop there.
A 'single user session' script
might compliment the plugin very nicely, allowing the session to prevent other people using the same ID at the same time.
Some developers might not want it, but others would..... I personally would.
However, overall, and in the spirit of your fair question... I would say that the Persona system may hold nothing of interest for yourself.
That's not the point.
It's for others.
More specifically, it's for those that need it.
Getting it to them...... now that's a different ballgame.
Starting from scratch.
Great project though.
Have I made a good case?