On Mon, 28 Jul 2003, Joshua Koenig wrote: > >> Deanster could also act as a (Jabber/Drupal) single-sign-on point for > >> any Drupal Dean Nodes a Deanster also frequents. > > > > We talked about this with Zephyr, and the deal is - if DFA run Deanster > > then it cannot handle Authentication for the Nodes or they would have > > to > > be vetted by DFA (ie official) so I don't think this is possible. > > What about the opposite direction? Can unofficial nodes act as > single-signons for Deanster? All this implies is that Deanster will > trust an external source for identity validation, a necessary component > of any distributed identity framework. To put it another way, how is > this different from Deanster accepting MS Passport validation? > > Not that I'm recommending this, but you get the point.
I don't see any problem with the opposite direction. THere shouldnt be any bad implications of Deanster using trusted node logins that I can think of. The issue with nodes using Deanster logins is that - if the nodes authentication is "controlled" by "official" DFA services, then the nodes must become official / vetted as well. This make sense? -Zack > cheers > -josh >
