Date: prev next · Thread: first prev next last
2012 Archives by date, by thread · List index 

On Wed, Jun 20, 2012 at 10:46:24PM +0200, Bjoern Michaelsen wrote:


On Wed, Jun 20, 2012 at 09:47:48PM +0200, Lionel Elie Mamane wrote:



However, our current setup *requires* an OpenID; is it an option to
make that optional (and allow people to e.g. use a "classic"
username+password for the web interface)?



no.


Ah. Too bad.


People like that (yes, I'm one of them) will balk at the
requirement of giving a third party (and anybody able to twist
their arm... like the surveillance agencies of governments)
unlimited power to impersonate them (to websites that use
OpenID). So they'll want to run their own OpenID end points;



But having a third party that is as trustworthy as TDF shouldnt be
too hard as there are already lots and lots of OpenID providers.


Using a TDF OpenID provider to login at gerrit.libreoffice.org would
be OK since I'm authenticating with the TDF... So the TDF being able
to "impersonate me" on its own system... err... its sysadmins can do
that whatever I do. Freedesktop too, since our repos are at
freedesktop, so the freedesktop admins can meddle with our repos, and
we decided this is OK.

But frankly, why should Google, AOL, Wordpress or another person be
able to impersonate me at the TDF systems?


And if you are paranoid you would use your OpenID account just for
one purpose -- that will give you enough plausible deniability.


OK, say I open a Google account for each website that wants an OpenID
login for me. How does that improve the situation with regards of
Google being able to impersonate me at these websites?


My point is basically that it is too much of an investment for a
casual contributor... If we could make that easier by allowing plain
username+password (or exporting bugzilla accounts over OpenID? I guess
that would be *more* work), I feel it would lower the barrier to entry
to gerrit.



I think you are part of a very, very rare demographic there (no
wordpress, no google, no launchpad, no yahoo, no blogger, no
myspace, no flickr)


It is not about *having* an account there, it is about deciding one of
these people should be able to use my TDF account. Else I'd have just
opened an account at one of these websites.

-- 
Lionel

Context

Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.