On Fri, Jan 4, 2013 at 9:53 AM, Tyler Romeo <[email protected]> wrote: [..] > As far as a solution goes, I have a complete codebase for > Extension:TokenAuth, which allows users to have MediaWiki sign a blinded > token, which can then be used to bypass a specific IP block in order to log > in and edit. It is almost ready; there are just a few functionality > problems with the JavaScript crypto library.
That sounds really cool. However I'm not sure how it solves the problem. If we allow people to get tokens signed that lets them bypass the TOR blocks, we may as well just not hand out tor blocks in the first place (if everyone can get a blinded token), or hand out the overrides via IP block exempt group (If we limit who can get such tokens). -bawolff _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
