Hi, On Sun, May 10, 2009 at 12:27 PM, Paul Johnston <paul....@gmail.com> wrote:
> > Hi, > > > No need to be arrogant and insult people. "Your reply is line noise"? > > "Go to another site to find out why"? That really makes people trust > > what you have to say, not. > > Sorry for bringing mud to the list, I know it's not the culture here > to communicate like that. However, Ross' message was also arrogant and > deserved a terse reply. Just like my message deserved a sarcastic > response from you. The tit-for-tat will have to stop at some point! I also must apologise, my first response *did* deserve such a terse reply, it was ill informed and after both your and Ben's responses I've been investigating it further and think I have a better grip on it all. Ross, your later message is much more balanced. This is clearly a > feature you don't want or need, and that's fair enough, just don't > enable it in your apps. I suggest you duck out of further discussion, > as some people do want this feature, and we'd like to focus on how to > do this, not the limitations, which we're already well aware of. I didn't mean my second post to come across as it did and thanks to Ben for his retort on some of the many holes in my logic. But it is because I am interested in this feature and the continuing conversations aren't diminishing this. For me the ideal situation would be for this feature to be easily adoptable for existing systems and authentication to act the same when you have js on or off. Is there any merit in storing both the old password format and the new encrypted format in the database? This way a user could authenticate with or without js and could allow easier adoption by pre-existing applications (you could do a rolling conversion to the encrypted format). You'd need logic to determine which to authenicate against, but that way it would always work and then the js library really would progressively enhance the login. Once again apologies for being an asshat previously. Ross --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-devel" group. To post to this group, send email to pylons-devel@googlegroups.com To unsubscribe from this group, send email to pylons-devel+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/pylons-devel?hl=en -~----------~----~----~----~------~----~------~--~---
