Thanks to Mark Rees, PyPI is now an OpenID provider. I fixed a few remaining issues, so I'm now able to announce this as an experimental service. "Experimental" here means that we wait a few months to see whether serious problems show up that may cause us to revert the service or change the URL schemes. We certainly hope that this won't be necessary.
To use this OpenID provider, enter "pypi.python.org/id" into any form that expects an OpenID. Should the service not support OpenID 2, you will have to enter "pypi.python.org/id/<username>" instead (the former is the provider ID, the latter are the user IDs). We follow the emerging approach that you have to sign into PyPI *before* signing into the actual services. This is intended to prevent phishing, as otherwise the relying party may fake PyPI's login page and collect your PyPI password (which they can still do if you fall for it). It also avoids "nested" logins (i.e. where you need to log into PyPI with an OpenID while trying to login elsewhere with the PyPI id). If you find any problems with this service, please report them here or to the PyPI bug tracker. A few success reports are also appreciated. Regards, Martin _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
