On Fri, Aug 24, 2012 at 10:33 AM, Nabil Maynard <nadr...@gmail.com> wrote: > On Fri, Aug 24, 2012 at 10:16 AM, Tyler Romeo <tylerro...@gmail.com> wrote: >> Not a good idea: http://xkcd.com/927/ >> While OAuth has its problems, it's not a terrible protocol (or at least v1 >> isn't). >> >> > Seconded -- I'd rather see contributions to making OAuth less painful > rather than invent Yet Another Standard.
I have to agree too. OAuth has problems, but it would allow several of wmf's current integrations to be more secure overall, and that would be a win for us. If Daniel is able to create a protocol that is as secure, and easier for developers to use securely, then I will definitely push to switch over. But until then, I'm still going to try and get OAuth out. I'd also love to see MediaWiki support SAML too, for our .edu/.gov users. > > My personal wishlist: > - Persona: Previously called BrowserID. It's come a LONG way in the past > few months, and provides another fairly clean identity/authentication > system. Mozilla is also interested in this. I don't think we can use it on wmf sites, but if you're interested in working on it, I can probably get you in touch with someone there. I think it would be a great feature. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l