New Fedora openid provider (fas-openid) in service
Toshio Kuratomi
a.badger at gmail.com
Thu Mar 7 16:32:51 UTC 2013
On Wed, Mar 06, 2013 at 07:21:49PM -0800, Adam Williamson wrote:
> On 06/03/13 06:41 AM, Stephen Gallagher wrote:
> >I encountered an issue recently with pypi.org, where it was treating
> >http://sgallagh.id.fedoraproject.org and
> >https://sgallagh.id.fedoraproject.org as separate accounts (up to a
> >point where they were causing tracebacks because they shared the same
> >email address).
> >
> >So lesson learned: always drop the protocol prefix.
>
> The Verge does the same...the lesson I chose to learn was just to
> always use https, though.
Note -- I made the same decision but I found out from puiterwijk that that
should be raising an error in the relying party (the website asking that you
auth with fedora's openid). The reason? We don't have SSL certificates for
all possible [username].id.fedoraproject.org domains.
In practice I never encountered a site that worked with our http://
identities but not our https:// identities. Makes you wonder about
quality of implementations a bit....
-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20130307/548ee945/attachment.sig>
More information about the devel
mailing list