FAS password on 3rd party pages?
seth vidal
skvidal at fedoraproject.org
Thu Apr 25 13:11:00 UTC 2013
On Thu, 25 Apr 2013 10:57:54 +0200
Pierre-Yves Chibon <pingou at pingoured.fr> wrote:
> On Thu, 2013-04-25 at 10:31 +0200, Vít Ondruch wrote:
> > Dne 25.4.2013 10:09, Pierre-Yves Chibon napsal(a):
> > > On Thu, 2013-04-25 at 10:07 +0200, Vít Ondruch wrote:
> > >> Hi guys,
> > >>
> > >> Since you want to push Fedocal and Blocker tracking into
> > >> production, would you mind to change you login forms, that I
> > >> don't have to enter my FAS password into your application dialog
> > >> boxes? Although I understand that they are Fedora's application,
> > >> hosted on Fedora's infrastructure, etc. , I don't feel
> > >> comfortable to enter my FAS password into various applications,
> > >> which I consider 3rd party from this perspective.
> > > Do you consider the wiki, pkgdb, bodhi as 3rd party apps?
>
> > Well, you are right, they should be adjusted as well. Copr is doing
> > it better.
>
> So you are in fact speaking about porting our apps to use OpenID,
> which is indeed something we are working on.
> But, don't you consider OpenID as a 3rd party application as well ? :)
>
Well I think the idea is simple enough - if there is one, branded and
obvious login page - and that page is openid then we're not training
our users to type their passwords into random websites.
-sv
More information about the infrastructure
mailing list