On 02/23/2013 02:46 PM, Casey Brown wrote:
Would the fact that Bugzilla uses your e-mail address publicly for
everything (rather than a separate account name) cause any problems
when switching to OpenID?
It should be careful not to publicize people's wiki email (sometimes
private and used only
On 02/22/2013 08:32 PM, Brian Wolff wrote:
What ive always wondered is what happens if your oid provider goes
under/otherwise dissapears. I imagine that means you lose your user account
all across the internet, which is a scary thought
There is an additional part of OpenID called
On 02/22/2013 07:31 PM, Ryan Lane wrote:
Let's consider bugzilla.wikimedia.org, for instance. It has its own
credentials store. With OpenID as a provider on the projects, it could be
possible to use your Wikimedia credentials rather than a username/password
specific to bugzilla.
This, alone,
On Sat, Feb 23, 2013 at 8:22 AM, Mark A. Hershberger m...@everybody.org wrote:
On 02/22/2013 07:31 PM, Ryan Lane wrote:
Let's consider bugzilla.wikimedia.org, for instance. It has its own
credentials store. With OpenID as a provider on the projects, it could be
possible to use your Wikimedia
On Fri, Feb 22, 2013 at 12:43 PM, Marc A. Pelletier m...@uberbox.org wrote:
On 02/22/2013 03:17 PM, maiki wrote:
Is this up for discussion, or are we at the point of planning
deployment?
The latter. I can elucidate a number of scenarios where that is beneficial,
but the primary one from
On Sat, Feb 23, 2013 at 8:32 AM, Chad innocentkil...@gmail.com wrote:
With Gerrit, there's a very manual conversion cost when switching authn/
authz mechanisms...at least if people want to keep their existing account
(with its settings, contribs, etc).
I'm curious if other tools like BZ have
I believe the OpenID extension is matured to the point where it's usable on
the Wikimedia projects, acting as an OpenID provider. The extension still
needs review and such, but I think it's a good time to discuss how we'd
like to implement this on the projects.
My preference for this would be to
Is this up for discussion, or are we at the point of planning
deployment? It isn't apparent to me why any WMF site would be an OpenID
provider.
maiki
On 02/22/2013 11:33 AM, Ryan Lane wrote:
I believe the OpenID extension is matured to the point where it's usable on
the Wikimedia projects,
quote name=maiki date=2013-02-22 time=12:17:25 -0800
Is this up for discussion, or are we at the point of planning
deployment? It isn't apparent to me why any WMF site would be an OpenID
provider.
To phrase this differently:
Do you more prefer that WMF sites consume OpenIDs instead of (or in
On 02/22/2013 03:17 PM, maiki wrote:
Is this up for discussion, or are we at the point of planning
deployment?
The latter. I can elucidate a number of scenarios where that is
beneficial, but the primary one from my perspective is that of
authenticating for external tools (like bots and
On 2013-02-22 3:34 PM, Ryan Lane rlan...@gmail.com wrote:
I believe the OpenID extension is matured to the point where it's usable
on
the Wikimedia projects, acting as an OpenID provider. The extension still
needs review and such, but I think it's a good time to discuss how we'd
like to
On 02/22/2013 03:44 PM, Brian Wolff wrote:
I would certainly prefer to use
something that already exists.
Meta would seem to be the natural, if ill-named, target.
-- Marc
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
RE: https://www.mediawiki.org/wiki/Extension:OpenID (manual page)
Just my few meta points:
if you should find bugs so, please file them here
https://bugzilla.wikimedia.org/enter_bug.cgi?product=MediaWiki%20extensionscomponent=OpenID
Open bugs are
On 2013-02-22 4:43 PM, Marc A.
. Each of them currently need their own mechanism, have to implement
baroque processes to associate a Wiki[mp]edia account, and increase
exposure of credentials for the users.
Actually theres been a centralized method of doing that for a while now
(TUSC), so each
On 02/22/2013 03:50 PM, Brian Wolff wrote:
Actually theres been a centralized method of doing that for a while now
(TUSC), so each tool is not reinventing the wheel, but open id sounds much
less hacky.
Oh, cool. I did not know that.
Of course, a /great/ transitional mechanism them presents
Do you intend to cover both SUL and legacy accounts?
I suspect that meta might not work due to the fact that there might be some
accounts that were created on meta, but never merged. So either the URL
would have to be different from the regular [[User:Xxx]] @ meta, like
On 22 February 2013 12:54, Yuri Astrakhan yuriastrak...@gmail.com wrote:
Do you intend to cover both SUL and legacy accounts?
I don't think it's worth anyone's time working out a way of supporting
non-global accounts, given the on-going work to fix these as part of SUL
finalisation which
On Fri, Feb 22, 2013 at 12:40 PM, Greg Grossmeier g...@wikimedia.orgwrote:
quote name=maiki date=2013-02-22 time=12:17:25 -0800
Is this up for discussion, or are we at the point of planning
deployment? It isn't apparent to me why any WMF site would be an OpenID
provider.
To phrase this
- Original Message -
From: Ryan Lane rlan...@gmail.com
I believe the OpenID extension is matured to the point where it's usable on
the Wikimedia projects, acting as an OpenID provider. The extension still
needs review and such, but I think it's a good time to discuss how we'd
like to
On Fri, Feb 22, 2013 at 1:03 PM, James Forrester
jforres...@wikimedia.orgwrote:
On 22 February 2013 12:54, Yuri Astrakhan yuriastrak...@gmail.com wrote:
Do you intend to cover both SUL and legacy accounts?
I don't think it's worth anyone's time working out a way of supporting
non-global
quote name=Ryan Lane date=2013-02-22 time=14:00:49 -0800
This isn't really a matter of having one or the other. As Marc has
mentioned, we need some non-hacky form of authentication for bots, tools,
out-of-cluster applications, and non-mediawiki applications.
Right, figured not, just trying to
On Fri, Feb 22, 2013 at 2:03 PM, Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: Ryan Lane rlan...@gmail.com
I believe the OpenID extension is matured to the point where it's usable
on
the Wikimedia projects, acting as an OpenID provider. The extension still
On 02/22/2013 05:03 PM, Jay Ashworth wrote:
or allowing
external non-WMF sites to authenticate against our user database.
Actually, that's the objective -- allow external tools to have their
users be able to prove I am Wikimedia user Coren without having to
hack around with
Ryan wrote:
Any OpenID consumer, whether WMF or not, would be able to use us as an
authentication provider.
There is currently no option, but an option (to restrict serving OpenIDs
to certain
consumer domains eg. only to our domain) could be implemented.
Tom
On Fri, Feb 22, 2013 at 2:30 PM, Thomas Gries m...@tgries.de wrote:
Ryan wrote:
Any OpenID consumer, whether WMF or not, would be able to use us as an
authentication provider.
There is currently no option, but an option (to restrict serving OpenIDs
to certain
consumer domains eg. only
To be absolutely clear, this does *not* solve the problem of bots/tools
authenticating on behalf of a user. All it does is solve the problem of
where a bot/tool authenticates under its own user account and, out of pure
courtesy for the community, asks users to prove their identity before
allowing
On 2013-02-22 7:20 PM, Tyler Romeo tylerro...@gmail.com wrote:
To be absolutely clear, this does *not* solve the problem of bots/tools
authenticating on behalf of a user. All it does is solve the problem of
where a bot/tool authenticates under its own user account and, out of pure
courtesy
This would also be useful for test wikis people set up on labs. You could
just authenticate via openid instead of creating a new account.
You can already test this here :
http://openid-wiki2.instance-proxy.wmflabs.org/wiki
___
Wikitech-l mailing
On Fri, Feb 22, 2013 at 3:19 PM, Tyler Romeo tylerro...@gmail.com wrote:
To be absolutely clear, this does *not* solve the problem of bots/tools
authenticating on behalf of a user. All it does is solve the problem of
where a bot/tool authenticates under its own user account and, out of pure
In cases where a tool is keeping an authentication database, and is not
acting on behalf of a user, then OpenID would let the tool eliminate its
username/password store.
This is exactly what I'm saying. It doesn't do this. If a tool has a
username/password store, i.e., it uses the username
On Fri, Feb 22, 2013 at 4:07 PM, Tyler Romeo tylerro...@gmail.com wrote:
In cases where a tool is keeping an authentication database, and is not
acting on behalf of a user, then OpenID would let the tool eliminate its
username/password store.
This is exactly what I'm saying. It doesn't
- Original Message -
From: Ryan Lane rlan...@gmail.com
Any OpenID consumer, whether WMF or not, would be able to use us as an
authentication provider.
So, then, all OpenID guarantees is this provider says it's the same person
it was last time?
Cheers,
-- jra
--
Jay R. Ashworth
On 02/22/2013 03:43 PM, Marc A. Pelletier wrote:
On 02/22/2013 03:17 PM, maiki wrote:
Is this up for discussion, or are we at the point of planning
deployment?
The latter. I can elucidate a number of scenarios where that is
beneficial, but the primary one from my perspective is that of
- Original Message -
From: Ryan Lane rlan...@gmail.com
I see no reason in doing so. If third parties want to allow Wikimedia
as a provider, I don't see why we'd object.
There is no potential liability there?
Cheers,
-- jra
--
Jay R. Ashworth Baylink
On 02/22/2013 06:33 PM, Brian Wolff wrote:
Which coincides to several bots/tools and would generally be quite useful.
Quite honestly having bots make edits directly on someones behalf using
their account sounds scary.
For autonomous bots, yes (they should keep using their own accounts).
But
On 02/22/2013 10:44 PM, Jay Ashworth wrote:
There is no potential liability there?
IANAL, but I can't think of a scenario where allowing a user to prove I
am user X on Wikimedia projects can create liability; if the client is
pleased with the (proven) assertion for their purposes, they can
- Original Message -
From: Marc A. Pelletier m...@uberbox.org
On 02/22/2013 10:44 PM, Jay Ashworth wrote:
There is no potential liability there?
IANAL, but I can't think of a scenario where allowing a user to prove I
am user X on Wikimedia projects can create liability; if the
On 02/22/2013 10:43 PM, Jay Ashworth wrote:
So, then, all OpenID guarantees is this provider says it's the same person
it was last time?
The exact semantics is, IIRC, that person has presented credential to
us we accept as identifying them as our user $IDENTIFIER. Whether the
client trusts
Original Message -
From: Marc A. Pelletier m...@uberbox.org
On 02/22/2013 10:43 PM, Jay Ashworth wrote:
So, then, all OpenID guarantees is this provider says it's the same
person it was last time?
The exact semantics is, IIRC, that person has presented credential to
us we
On 2013-02-23 12:18 AM, Jay Ashworth j...@baylink.com wrote:
Original Message -
From: Marc A. Pelletier m...@uberbox.org
On 02/22/2013 10:43 PM, Jay Ashworth wrote:
So, then, all OpenID guarantees is this provider says it's the same
person it was last time?
The exact
On 02/22/2013 11:32 PM, Brian Wolff wrote:
What ive always wondered is what happens if your oid provider goes
under/otherwise dissapears. I imagine that means you lose your user account
all across the internet, which is a scary thought
Some sites, like Stack Overflow, allow you to add
On 2013-02-23 12:37 AM, Matthew Flaschen mflasc...@wikimedia.org wrote:
On 02/22/2013 11:32 PM, Brian Wolff wrote:
What ive always wondered is what happens if your oid provider goes
under/otherwise dissapears. I imagine that means you lose your user
account
all across the internet, which
So I definitely see the use case for OpenID as a provider (and as long as
everybody is aware that OpenID is not OAuth, I'm fine with that), but I'm
not a bot/tool developers. I am, however, a frequent user of the Internet,
and I find it extraordinarily surprising that Wikipedia is one of the few
see also https://bugzilla.wikimedia.org/show_bug.cgi?id=9604 (2007)
Support OpenID extension on all wikimedia projects
___
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Am 23.02.2013 05:40, schrieb Brian Wolff:
Some sites, like Stack Overflow, allow you to add alternate OpenIDs,
which helps for temporary or permanent downtime.
Presumably you would have to do that before the downtime though as you
wouldn't be able to login once downtime starts. So one could
Am 23.02.2013 00:48, schrieb Ryan Lane:
On Fri, Feb 22, 2013 at 3:19 PM, Tyler Romeo tylerro...@gmail.com wrote:
To be absolutely clear, this does *not* solve the problem of bots/tools
authenticating on behalf of a user. All it does is solve the problem of
where a bot/tool authenticates under
46 matches
Mail list logo