[OpenStack-Infra] On being an OpenID consumer instead of an OpenID producer.
Atwood, Mark
mark.atwood at hp.com
Tue Sep 24 22:37:33 UTC 2013
++ to making openstack.org/profile an OpenID consumer instead of an OpenID producer.
I don’t think there are even any good scalable security-audited battle-tested general purpose OpenID producers. We would have to write one from scratch, or take one of the half-done ones and hack on it a great deal to make it fit, and then survive being p0wned over and over as we battle harden it.
OTOH, there are a lot of good open source implementations of OpenID consumer code out there.
..m
Mark Atwood <mark.atwood at hp.com>
Director of Open Source Engagement for HP Cloud Services
M +1-206-473-7118
> -----Original Message-----
> From: Robert Collins [mailto:robertc at robertcollins.net]
> Sent: Tuesday, September 24, 2013 3:32 PM
> To: Stefano Maffulli
> Cc: <openstack-infra at lists.openstack.org>
> Subject: Re: [OpenStack-Infra] List of properties that use Launchpad OpenID
>
> On 25 September 2013 10:18, Stefano Maffulli <stefano at openstack.org> wrote:
> > On Tue 24 Sep 2013 03:04:32 PM PDT, Robert Collins wrote:
> >> Indeed! Please please please *do not* stand up yet another
> >> password-hosting site. Utter waste of everyone's time.
> >
> > I agree with you: we don't nee more complexity. Having our own OpenID
> > provider is needed in order to *reduce* complexity. Remember that the
> > Foundation already has to have *one* system to manage the identity of
> > Foundations' individual members. All ATCs also need to be members of
> > the Foundation, so at the moment all new contributors need to create
> > two
> > accounts: one on Launchpad and one on http://openstack.org/profile.
> > That sucks.
>
> Can we change openstack.org/profile and make that another OpenID consumer? I don't
> see why the Foundation needs to manage a password.
>
> That would be a smaller change and reduce the number of passwords folk need to
> manage. And/or look at Persona?
>
> -Rob
>
>
> --
> Robert Collins <rbtcollins at hp.com>
> Distinguished Technologist
> HP Converged Cloud
>
> _______________________________________________
> OpenStack-Infra mailing list
> OpenStack-Infra at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-infra
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6292 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-infra/attachments/20130924/7970ca6a/attachment.bin>
More information about the OpenStack-Infra
mailing list