Enrico Zini <enrico@enricozini.org> writes: > I've set up a prototype of the new sso.debian.org based on client > certificates, and I'd like your opinion on its accessibility. > Details of the new setup are here: > https://lists.debian.org/debian-devel/2015/08/msg00539.html > and some more documentation is here: > https://wiki.debian.org/DebianSingleSignOn#Debian_SSO_documentation-1 > > To use the new setup, you go to https://sso.debian.org/spkac/enroll/, > log in with your Debian Web password, and use that page to add a > certificate to your browser. > > After that you can visit contributors.debian.org and nm.debian.org > without needing to log in, until the certificate expires. > > This seems to work smoothly with FireFox and Chromium; however, I could > not find out how to make links and lynx work with client certificates. I was afraid of that. A quick search did not reveal anything for me either. > So, here are my questions: > > - have you been using sso.debian.org before? With which browser? Yes, with lynx. I had to change one option from its default in lynx.cfg to have sso.debian.org work for summit.debconf.org, which was: REFERER_WITH_QUERY:PARTIAL (#794097) > - can you use the new certificate-based version? With which browser? I apparently managed to manually enroll and download my .crt. However, I fail to see a way how to make use of that .crt for lynx yet. So currently, no, I can't make use of the new system. > - any other comments? The web is going to kill us. > (I am not subscribed to this list: please try to keep me in Cc) Thanks for the heads up!!! -- CYa, ⡍⠁⠗⠊⠕
Attachment:
signature.asc
Description: PGP signature