[fab] OpenID: an actually distributed identity system
Matt Domsch
matt at domsch.com
Mon Oct 2 03:56:15 UTC 2006
On Wed, Sep 27, 2006 at 09:01:50AM -0400, seth vidal wrote:
> On Wed, 2006-09-27 at 08:41 -0400, Michael Tiemann wrote:
> > I saw OpenID ( http://openid.net/ ) presented and demonstrated at
> > EuroOSCON last week--it looked really cool. My reason for writing this
> > morning is because on another list (grass-dev at grass.itc.it) developers
> > are bemoaning the problem of (1) spam in their bugtracker, and (2) their
> > desire to keep the bugtracker open and not require that users sign up
> > for an account before using the system.
> >
> > I understand there is a similar question being discussed about just how
> > open to make the Fedora Wiki (not the CVS repository, but the Wiki).
> >
> > I, too, hate the fact that I have to manage so many identities on the
> > web, and I, too, wish there were a decent single sign-on for me to use
> > with my favorite websites. I'd like to suggest OpenID as a possible
> > candidate for solving that problem and see whether enough people on this
> > list agree to push it into the Fedora infrastructure.
>
> - moinmoin has been 'openid enabled' - but only in 1.5.X - not the
> version we're using right now - 1.3.X. We should be able to move to it -
> but it will be an involved process, I'm sure. Not the least of which is
> getting all the people to now create openid accounts. And this says
> nothing of the need for the CLA that we require.
>
> - mailman - it has been openid enabled but not in the upstream release.
> Patches are available.
>
> - bugzilla appears to be completely out in the cold which means there
> would be a need for someone to do the programming and, theoretically,
> submitting the patches upstream.
Patches for Plone are set to be released by the end of October at
their development conference.
> So we'd have to refit a good portion of our infrastructure (some of
> which also serves @redhat.com not just fedora) and we'd have to get our
> users to migrate to the new login mechanism. I'm not saying it's
> impossible but I think we're looking at a development time and migration
> path that IF we have people willing to undertake it will take greater
> than a year.
No doubt.
More information about the advisory-board
mailing list