Re: Salsa as authentication provider for Debian

To: debian-project@lists.debian.org
Subject: Re: Salsa as authentication provider for Debian
From: Pirate Praveen <praveen@onenetbeyond.org>
Date: Mon, 13 Apr 2020 23:13:08 +0530
Message-id: <[🔎] WJMQ8Q.IXLQT28MRWYW1@onenetbeyond.org>
In-reply-to: <[🔎] 87h7xns5kh.fsf@err.no>
References: <[🔎] 20200405184610.GA581270@waldi.eu.org> <[🔎] tslsghe9sym.fsf@suchdamage.org> <[🔎] 87k12prew7.fsf@err.no> <[🔎] 20200409072447.ci2xnvtnwv5as3vq@enricozini.org> <[🔎] 874ktsr1qq.fsf@err.no> <[🔎] tslk12o73uu.fsf@suchdamage.org> <[🔎] 87mu7hst2c.fsf@err.no> <[🔎] 20200412163636.d7jz3wy27k5fcwb3@enricozini.org> <Enrico Zini's message of "Sun, 12 Apr 2020 18:36:36 +0200">



On Mon, Apr 13, 2020 at 6:39 pm, Tollef Fog Heen <tfheen@err.no> wrote:

It's not clear to me why removing the -guest restriction has to happen
for sso.d.o to be using Salsa as an IdP, which seems to be yourprimarygoal? That's my most immediate concern. Switching to oauth2/OIDCseems
like a good idea, and assuming we can move to another broker somewhere
down the line, I have no problems with that happening.

This was already answered here,

https://lists.debian.org/debian-project/2020/04/msg00031.html

On Wed, Apr 08, 2020 at 07:50:22PM +0800, Shengjing Zhu wrote:
> 1. Can you still keep the "-guest" enforcement, so it's still easy to
> recognize who is DD or not on salsa?

No.  The guest suffix was meant to avoid collisions with Debian
accounts.  And the tool used to enforce it is unmaintained.

Also the only place that can for sure answer if someone is DD is
nm.debian.org, not Salsa.

Reply to:

References:
- Salsa as authentication provider for Debian
  - From: Bastian Blank <waldi@debian.org>
- Re: Salsa as authentication provider for Debian
  - From: Sam Hartman <hartmans@debian.org>
- Re: Salsa as authentication provider for Debian
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: Salsa as authentication provider for Debian
  - From: Enrico Zini <enrico@enricozini.org>
- Re: Salsa as authentication provider for Debian
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: Salsa as authentication provider for Debian
  - From: Sam Hartman <hartmans@debian.org>
- Re: Salsa as authentication provider for Debian
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: Salsa as authentication provider for Debian
  - From: Enrico Zini <enrico@enricozini.org>
- Re: Salsa as authentication provider for Debian
  - From: Tollef Fog Heen <tfheen@err.no>

Prev by Date: Re: Salsa as authentication provider for Debian
Next by Date: Re: Testing Discourse for Debian
Previous by thread: Re: Salsa as authentication provider for Debian
Next by thread: Re: Salsa as authentication provider for Debian
Index(es):
- Date
- Thread