On Tue, Mar 06, 2012 at 09:36:42PM +0100, Thijs Kinkhorst wrote: > On Tue, March 6, 2012 13:55, Enrico Zini wrote: > > You should be hearing more about this (and about what is a Debian web > > password) soon :) > > Great. Can you tell us something more about that or can we read some > discussion somewhere? I'm interested since I've been doing a lot with web > auth protocols so I'd like to see if my experiences align with the plans. The idea is to get DACS to work: http://en.wikipedia.org/wiki/Distributed_Access_Control_System_(DACS) but we're talking experiments here and I'm not yet sure if/when it'll actually happen. The advantage of DACS is that the webapp behind it doesn't get to know the password one has entered, so for example I can't setup the nm.d.o webapp to log cleartext passwords and steal your accounts. That's why, although I could probably setup the site to authenticate using Debian's LDAP, if I did that then DSA would (rightfully) want to have a violent word with me. > To many of us non-Americans the concept of a "middle" name may be unknown: > most persons here have between one and five given names and a surname; > there's no such thing as any name being the 'middle' one, many people have > just one and of course we all know at least one person without even a > first name. > > The split between first/middle/last adds in my opinion no value for the NM > website - this is confirmed by the code which uses those fields only to > form the fullname attribute and to display them in the person info table. > Let's just simplify and make the name one string in the data model. If you > agree I can see to create a patch. I agree 'middle name' is very culture specific, and even the distinction between first and last name tends to be: we spent some time making sure we deal correctly with Wookey, Intrigeri and Bertagaz, for example. However, that information is collected because we use it to feed Debian's LDAP database when the account is created, and the standards of LDAP schemas used in Debian and in pretty much any LDAP deployment mandate that distinction. Currently the burden of AMs to fill up the first/middle/last name fields and it could lead to confusion, for example when an AM isn't used to the hispanic tradition of having multiple first and last names, or one doesn't know whether the applicant is from a culture that shows the last name first. One can ask of course, but it seems that not many do. Because of this I'm planning to let the applicant fill up those fields by themselves when applying. Sorry about the digression. To go back to the 'middle name' coming across as confusing, what I could do is to hide the middle and last name fields when not used, and only show them in the edit form. Would that make more sense? Ciao, Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <enrico@enricozini.org>
Attachment:
signature.asc
Description: Digital signature