20 Oct
2016
20 Oct
'16
7:07 p.m.
On Thu, Oct 20, 2016 at 05:01:06PM -0700, Rick Stevens wrote:
Not to my mind. SSO (single sign on) is, IMHO, a really bad thing. Yes, it's easier to administer because the authentication is being handled by someone else and you "don't have to be bothered". However, now your security is now ENTIRELY dependent on the security of that provider. If they're breached, YOU'RE breached. Relying on someone else to provide your security is, again IMHO, a truly idiotic thing to do.
Note that with the options provided, you could use your *own* open identity provider.
--
Matthew Miller
mattdm@fedoraproject.org
Fedora Project Leader