On Sun, Feb 22, 2009 at 04:32:06PM -0600, Raphael Geissert wrote: > Enrico Zini wrote: > [...] > > - I do not want to maintain another user/password database: this should > > be done with Openid and a whitelist of identity providers that every > > DD can easily use (like alioth or debian) > Why not use the DDs and DMs keyrings? just make them sign a given random > token and submit it. It's rather cumbersome: I wouldn't like to ask people to do that every time they log into the website, not even every once in a while to regenerate an authentication cookie. But did I recall reading that Alioth, or debian.org, can be OpenID providers? If I can use that, I solved the problem, otherwise, I may just postpone implementing authenticated stuff until handy OpenID providers happen in Debian. Ciao, Enrico -- GPG key: 1024D/797EBFAB 2000-12-05 Enrico Zini <enrico@debian.org>
Attachment:
signature.asc
Description: Digital signature