Hello, the oauth2 part of our single signon system is in need of a team of people to maintain it, and my experience so far has been that nobody seems to understand oauth2[1]. I would like, in some future, to completely replace DACS with OAuth2 for sso.debian.org, but I would not want that to happen until there are at least three active people in Debian who actually know the protocol inside out and have an interest in becoming comaintainers of the sso.debian.org infrastructure[2]. Studying the protocol is probably more fun when done in a group, so this looks like an idea for a DebConf Sprint[3]. Who would be interested in joining this? (feel free to pass this on to other lists/irc channels/*) Enrico [1] I also don't understand oauth2, so I'm not one of the maintainers. My impression is that currently there are no maintainers. [2] since it is a security critical bit, I'd like there to be a team of people who can make security assessments, and where peer review is possible. [3] http://lists.debconf.org/lurker/message/20150216.170544.11b6abc9.en.html -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <enrico@enricozini.org>
Attachment:
signature.asc
Description: Digital signature