On PHPMaster.com there's a new tutorial from Vito Tardia about using the Mozilla Persona authentication system in your PHP application - an abstracted authentication system that keeps only a token representing the user in your system.
Mozilla Persona is built upon the BrowserID technology also developed by Mozilla. You can find an expanded explanation of the concepts in the article How BrowserID Works by Lloyd Hilaiel. [...] An email address is an identity and it’s verified by the email provider [then the] authentication takes place in the browser.
He talks about the three steps in the process (certificate provisioning, assertion generation and assertion verification) and includes some sample code that does the work for you with some PHP, HTML and Javascript. In his example he just authenticates the user and returns the success/fail back to the calling script. You could take it one step further and integrate it with the session handler as well.