[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#984999: sso.debian.org is deprecated

Hi,

On Thu, 11 Mar 2021, Antoine Beaupre wrote:
> According to the sso.debian.org wiki page, the service is
> "deprecated":
> 
> > If you are a service admin please look into using Salsa for this
> > purpose. <https://wiki.debian.org/Salsa/SSO>
> 
> It seems to me that tracker.debian.org should follow this deprecation
> and stop using sso.debian.org as a single sign on source, especially
> now that Firefox in stable (78, buster) does not support the <keygen>
> tag (dropped from Firefox 69) which makes enrolling client certs
> particularly painful.

Yeah, but I don't see a reason to disable this until someone has
contributed OIDC authentication with salsa.debian.org.

I haven't even looked at what it entails. We don't seem to have
pyoidc in Debian (https://github.com/rohe/pyoidc) and I don't see
any other Python implementation.

I wonder what nm.debian.org uses for this.

> Apparently, you can still generate client-sides certs with "web
> crypto", whatever that means... But that's kind of out of scope here. 

I managed to renew my certificate by following the instructions
on sso.debian.org at least.

Cheers,
-- 
  ⢀⣴⠾⠻⢶⣦⠀   Raphaël Hertzog <hertzog@debian.org>
  ⣾⠁⢠⠒⠀⣿⡁
  ⢿⡄⠘⠷⠚⠋    The Debian Handbook: https://debian-handbook.info/get/
  ⠈⠳⣄⠀⠀⠀⠀   Debian Long Term Support: https://deb.li/LTS
Reply to: