Re: desktopsummit registration forces gnome users to have a kde identity
It seems to me that GNOME deserves equal treatment with KDE as regards any sort of registration for the event. Whatever system is being used could be put on another machine, and some pages could be changed, so that it would mention GNOME and KDE equally. -- Dr Richard Stallman President, Free Software Foundation 51 Franklin St Boston MA 02110 USA www.fsf.org, www.gnu.org ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On 3/11/2011 3:28 AM, Dave Neary wrote: > Hi, > > Frederic Muller wrote: >> It seems that there are 2 options and the identify.kde.org choice was >> taken out of convenience for one party. Why not chose the neutral option >> being fair for both sides instead and avoiding the issue of GNOME asking >> it's user to register at identify.kde.org instead? >> >> That's seems to be a much more logical choice, no? > > The people who advocated for this decision when it came up felt that the > domain name would not make a big difference, and that the important > thing was to use a well established architecture. Dave is correct; the decision was made based on established, production infrastructure, and not out of convenience. --Jeff ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On 03/11/2011 09:28 AM, Dave Neary wrote: Hi, Frederic Muller wrote: It seems that there are 2 options and the identify.kde.org choice was taken out of convenience for one party. Why not chose the neutral option being fair for both sides instead and avoiding the issue of GNOME asking it's user to register at identify.kde.org instead? That's seems to be a much more logical choice, no? The people who advocated for this decision when it came up felt that the domain name would not make a big difference, and that the important thing was to use a well established architecture. A lack of manpower to help with the infrastructure was also a big factor. We're all volunteers who set this up [1] and we really wanted to get the call of papers up in time to actually get any talks at all. :) 1. This is also why the design of the website is kind of crap (there is not footer design like on the holding page for example, and the css is a joke). I was so stressed out when doing that :( - Andreas ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
Hi, Frederic Muller wrote: > It seems that there are 2 options and the identify.kde.org choice was > taken out of convenience for one party. Why not chose the neutral option > being fair for both sides instead and avoiding the issue of GNOME asking > it's user to register at identify.kde.org instead? > > That's seems to be a much more logical choice, no? The people who advocated for this decision when it came up felt that the domain name would not make a big difference, and that the important thing was to use a well established architecture. Cheers, Dave. -- Dave Neary GNOME Foundation member dne...@gnome.org ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On 03/10/2011 10:03 AM, Dave Neary wrote: > Some concerns were raised, and one potential solution suggested by one > of the KDE admins (Jeff Mitchell) was to use OpenID or something > similar, to allow people to authenticate with whatever service they > already had an account for. > > This didn't get implemented, as far as I can tell, purely for lack of > manpower. > OpenID still requires creating accounts locally on Drupal, but it doesn't store credentials locally. FWIW, the reason it didn't get implemented wasn't lack of manpower, it was lack of interest. I proposed it, but do not remember others finding it a good idea. --Jeff ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On 03/10/2011 01:57 PM, Ben Cooksley wrote: > Implementing such a checkbox for further privacy is not feasible (due > to the fact that accounts can never be deleted and your details will > never be shared assuming you never login anywhere again) Ben, Could a checkbox be implemented indicating that this is only for the desktop summit? Although accounts can't be deleted, we could presumably later use that information to disable and remove credentials for those accounts. --Jeff ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On 03/10/2011 11:03 PM, Dave Neary wrote: At the time, there were two choices: require everyone to create a Drupal account just to register for the conference, or use the authentication system which KDE already had in place. After some discussion, for the sake of expediency (this is an existing, well tested authentification system, and many of the conference attendees have accounts on it already) the KDE identity LDAP server was used for authentification. Some concerns were raised, and one potential solution suggested by one of the KDE admins (Jeff Mitchell) was to use OpenID or something similar, to allow people to authenticate with whatever service they already had an account for. It seems that there are 2 options and the identify.kde.org choice was taken out of convenience for one party. Why not chose the neutral option being fair for both sides instead and avoiding the issue of GNOME asking it's user to register at identify.kde.org instead? That's seems to be a much more logical choice, no? Thank you. Fred ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On Fri, Mar 11, 2011 at 8:14 AM, Olav Vitters wrote: > On Fri, Mar 11, 2011 at 07:57:53AM +1300, Ben Cooksley wrote: >> Due to the way the application is built, a entirely seperate copy of >> the application would have to be set up, and it would administer the >> same data. > > Ok, seems too much effort. > >> > * guarantee that my details are only used for Desktop Summit (e.g. >> > hidden field which stores this only for identity.desktopsummit.org so >> > details can be deleted afterwards) >> > * some kind of privacy policy explanation + guarantee (from KDE towards >> > Desktop Summit -- I mean this in a legal sense, no problems trusting >> > KDE... but you could theoretically have legal issues. Usually you >> > cannot just share privacy related information with another >> > organisation) >> >> The privacy policy for KDE Identity is summarised as such here - >> http://community.kde.org/Sysadmin/IdentityFAQ >> In terms of user data, it is never shared with outside organisations. >> The only time information is shared outside of Identity itself is when >> you login to applications such as desktopsummit.org, then your name, >> username and email address are provided. >> >> Implementing such a checkbox for further privacy is not feasible (due >> to the fact that accounts can never be deleted and your details will >> never be shared assuming you never login anywhere again) > > I somewhat dislike always having a lingering account @ KDE that I never > use, check or do anything with > > Could you add the privacy link on identity.kde.org? I'm sure everyone at > KDE knows what it does and what it is for. But for me, it feels weird > (as in: assume it would be an error to go from desktopsummit.org site to > a KDE site). Certainly can be done. > > If I read > http://community.kde.org/Sysadmin/IdentityFAQ > > I see something about ' breaking this when used in your password. You're > escaping everything going to SQL/LDAP I assume? Gets me a bit paranoid. Everything is escaped, this is php safe mode causing that to occur, it automatically escapes it. In terms of LDAP interaction, everything is escaped as far as I know. It doesn't have an SQL database. > > On the privacy policy, it mentions under 'You are a user': > Full name (incl.titles): d > Email address d > Username d > > Where 'd' stands for: > 'You will see this info from developers'. > > I don't really understand this, as there is another 'You are a > developer' option. So if I am a GNOME person, I'll fall under 'user'. > But why have a user section and mention that full name/email address and > username is shared if you're a developer? Doesn't seem logical > especially as you mention that details wont be shared:) That table indicates what you will see, not whom will see your data. As user isn't listed there, that means that nobody other than sysadmins can access your (user) data. > > > -- > Regards, > Olav > Regards, Ben ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On Fri, Mar 11, 2011 at 3:53 AM, Olav Vitters wrote: > On Thu, Mar 10, 2011 at 04:47:28PM +0800, Frederic Muller wrote: >> What a nice answer... The problem is not about growing up but about >> preserving the GNOME identity. > > What is the problem exactly? I'd feel weird registering at an KDE site, > because I'd only register for Desktop Summit (which I view as a > different organization than KDE or GNOME, even if it consists of people > from both). I have 0 interest in my details being used for anything > else. Additionally, I don't want my details to be stored in some site > I'll never visit. > > If the identify.kde.org could have: > * another 'frontend' with a desktopsummit.org layout (a theme > * call it identity.desktopsummit.org (serveralias + theme only) Due to the way the application is built, a entirely seperate copy of the application would have to be set up, and it would administer the same data. > * guarantee that my details are only used for Desktop Summit (e.g. > hidden field which stores this only for identity.desktopsummit.org so > details can be deleted afterwards) > * some kind of privacy policy explanation + guarantee (from KDE towards > Desktop Summit -- I mean this in a legal sense, no problems trusting > KDE... but you could theoretically have legal issues. Usually you > cannot just share privacy related information with another > organisation) The privacy policy for KDE Identity is summarised as such here - http://community.kde.org/Sysadmin/IdentityFAQ In terms of user data, it is never shared with outside organisations. The only time information is shared outside of Identity itself is when you login to applications such as desktopsummit.org, then your name, username and email address are provided. Implementing such a checkbox for further privacy is not feasible (due to the fact that accounts can never be deleted and your details will never be shared assuming you never login anywhere again) > then IMO whomever does the work (KDE sysadmins) decides, no? > > Could DS team comment if above is feasible? > > Thanks > > -- > Regards, > Olav > ___ > Ds-team mailing list > ds-t...@desktopsummit.org > https://mail.kde.org/mailman/listinfo/ds-team > Regards, Ben Cooksley KDE Sysadmin ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On Fri, Mar 11, 2011 at 07:57:53AM +1300, Ben Cooksley wrote: > Due to the way the application is built, a entirely seperate copy of > the application would have to be set up, and it would administer the > same data. Ok, seems too much effort. > > * guarantee that my details are only used for Desktop Summit (e.g. > > hidden field which stores this only for identity.desktopsummit.org so > > details can be deleted afterwards) > > * some kind of privacy policy explanation + guarantee (from KDE towards > > Desktop Summit -- I mean this in a legal sense, no problems trusting > > KDE... but you could theoretically have legal issues. Usually you > > cannot just share privacy related information with another > > organisation) > > The privacy policy for KDE Identity is summarised as such here - > http://community.kde.org/Sysadmin/IdentityFAQ > In terms of user data, it is never shared with outside organisations. > The only time information is shared outside of Identity itself is when > you login to applications such as desktopsummit.org, then your name, > username and email address are provided. > > Implementing such a checkbox for further privacy is not feasible (due > to the fact that accounts can never be deleted and your details will > never be shared assuming you never login anywhere again) I somewhat dislike always having a lingering account @ KDE that I never use, check or do anything with Could you add the privacy link on identity.kde.org? I'm sure everyone at KDE knows what it does and what it is for. But for me, it feels weird (as in: assume it would be an error to go from desktopsummit.org site to a KDE site). If I read http://community.kde.org/Sysadmin/IdentityFAQ I see something about ' breaking this when used in your password. You're escaping everything going to SQL/LDAP I assume? Gets me a bit paranoid. On the privacy policy, it mentions under 'You are a user': Full name (incl.titles): d Email address d Username d Where 'd' stands for: 'You will see this info from developers'. I don't really understand this, as there is another 'You are a developer' option. So if I am a GNOME person, I'll fall under 'user'. But why have a user section and mention that full name/email address and username is shared if you're a developer? Doesn't seem logical especially as you mention that details wont be shared:) -- Regards, Olav ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
Hi, Olav Vitters wrote: > What is the problem exactly? The problem was setting up registration for the Drupal instance which will be the conference website. In December, we agreed to use Drupal and COD (a Drupal conference organisation module) for the website. KDE have a well-established Drupal server & sysadmins who knew the system inside out, and we agreed that it'd be an instance on their servers. Their Drupal uses identity.kde.org, which is an LDAP server, to handle accounts for the website. At the time, there were two choices: require everyone to create a Drupal account just to register for the conference, or use the authentication system which KDE already had in place. After some discussion, for the sake of expediency (this is an existing, well tested authentification system, and many of the conference attendees have accounts on it already) the KDE identity LDAP server was used for authentification. Some concerns were raised, and one potential solution suggested by one of the KDE admins (Jeff Mitchell) was to use OpenID or something similar, to allow people to authenticate with whatever service they already had an account for. This didn't get implemented, as far as I can tell, purely for lack of manpower. > If the identify.kde.org could have: > * another 'frontend' with a desktopsummit.org layout (a theme) > * call it identity.desktopsummit.org (serveralias + theme only) > * guarantee that my details are only used for Desktop Summit (e.g. >hidden field which stores this only for identity.desktopsummit.org so >details can be deleted afterwards) I don't see the benefit of doing something like this outweighing the costs. This may not be visible from the outside, but getting the website online was already much slower than we'd hoped, purely because we did not have people committing to getting it done - Kenny Duffus basically took on the configuration of the conference site on his own. > * some kind of privacy policy explanation + guarantee (from KDE towards >Desktop Summit -- I mean this in a legal sense, no problems trusting >KDE... but you could theoretically have legal issues. Usually you >cannot just share privacy related information with another >organisation) A privacy policy sounds like a good idea. Cheers, Dave. -- Dave Neary GNOME Foundation member dne...@gnome.org ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
On Thu, Mar 10, 2011 at 04:47:28PM +0800, Frederic Muller wrote: > What a nice answer... The problem is not about growing up but about > preserving the GNOME identity. What is the problem exactly? I'd feel weird registering at an KDE site, because I'd only register for Desktop Summit (which I view as a different organization than KDE or GNOME, even if it consists of people from both). I have 0 interest in my details being used for anything else. Additionally, I don't want my details to be stored in some site I'll never visit. If the identify.kde.org could have: * another 'frontend' with a desktopsummit.org layout (a theme) * call it identity.desktopsummit.org (serveralias + theme only) * guarantee that my details are only used for Desktop Summit (e.g. hidden field which stores this only for identity.desktopsummit.org so details can be deleted afterwards) * some kind of privacy policy explanation + guarantee (from KDE towards Desktop Summit -- I mean this in a legal sense, no problems trusting KDE... but you could theoretically have legal issues. Usually you cannot just share privacy related information with another organisation) then IMO whomever does the work (KDE sysadmins) decides, no? Could DS team comment if above is feasible? Thanks -- Regards, Olav ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
Re: desktopsummit registration forces gnome users to have a kde identity
What a nice answer... The problem is not about growing up but about preserving the GNOME identity. I would appreciate if the desktop summit organizing committee could consider the request from the GNOME foundation members, and take this seriously. On 03/10/2011 02:52 PM, Kenny Duffus wrote: On Thursday 10 March 2011 08:04:10 Frederic Muller wrote: Hi again, I would also report that as a bug, as it was raised yesterday during the gnome foundation meeting. Forcing GNOME users to register at identify.kde.org is something desired for a joint conference. it is just an LDAP server. grow up Maybe using the drupal built-in account management seems a more fair way to handle the issue. the sysadmins decided to use this for increased security and reduced maintenance ___ foundation-list mailing list foundation-list@gnome.org http://mail.gnome.org/mailman/listinfo/foundation-list
