> at the end of the day I'm still relying on a single company to hold the keys to many accounts
Actually, with Persona, you're not. :)
Persona has a fully decentralized architecture. The centralization you're seeing right now is completely temporary, and only serves as a bootstrapping convenience. If you own your own domain you can turn it into a Persona Identity Provider and start minting your own identity certificates today, without Mozilla (or any other single company) being forced into the trust path.
We're going to build a Persona <-> Gmail OpenID bridge soon. Probably launching in May or June. It'll almost be like Google supports it directly. :) After that will come Google Apps support.
I'll submit a feature request to Spotify to get them to support Persona log in. When Gmail and Spotify are gone I'll be two big steps closer to getting rid of that pesky Facebook account ;)
Actually, it won't. You'll OpenID auth into google.login.persona.org, and then get a straight up Persona certificate signed by that fallback, along with all of the privacy safeguards that has.
Honestly, we haven't quite figured out a good way to do a "beta" or partial roll-out for this without breaking other users. Yaaaay decentralization! Instead, we'll be extensively QA'ing it in testing environments, and then we'll flip a big switch to enable it for everyone.
We wouldn't even have to turn it off -- as soon as gmail.com can vouch for its own users, the protocol automatically and preferentially switches over to that. The centralized parts fall away on their own whenever they can. :)
Actually, with Persona, you're not. :)
Persona has a fully decentralized architecture. The centralization you're seeing right now is completely temporary, and only serves as a bootstrapping convenience. If you own your own domain you can turn it into a Persona Identity Provider and start minting your own identity certificates today, without Mozilla (or any other single company) being forced into the trust path.