In the end, I found that Daniel contributed to the third Q&A on BrowserId / Persona and WebID. I found this answer most helpful. (I tried to convince him to publish here, but he suggested that I do it.)
"Security, privacy, and usability requirements for federated identity" by Michael Hackett and Kirstie Hawkey provides a comparison between WebID and Mozilla Persona, which was still referred to as BrowserID at the time.
The main differences noted in table 1:
- Private keys are short-lived and must be password protected. WebID keys are durable, but can be easily disabled from a password-protected profile.
- The current Persona implementation uses standard browser windows, so it is difficult to detect spoofing (this may change after browsers get Persona support). WebID uses a user interface to select its own browsers, so there is no phishing.
- Persona's identity and WebID may be compromised if the owner's email address / URI is lost.
- Persona IdPs are unaware of SPs that use an identifier. WebID IdPs know every SP that uses an identifier.
- If a Persona SP has an IdP public key cache and the browser still has a valid certificate, you can still verify the identifiers. WebID profiles must be accessible, otherwise identifiers will not be used.
- Persona has a good UX design, while WebID is the other way around.
I suggest reading the article in more detail. It is freely available on the Internet; access to the digital library is not required.