Is this up for discussion, or are we at the point of planning deployment? It isn't apparent to me why any WMF site would be an OpenID provider.
maiki On 02/22/2013 11:33 AM, Ryan Lane wrote: > I believe the OpenID extension is matured to the point where it's usable on > the Wikimedia projects, acting as an OpenID provider. The extension still > needs review and such, but I think it's a good time to discuss how we'd > like to implement this on the projects. > > My preference for this would be to have a centralized wiki for identity > urls. The identity urls would be based on user pages. I'm proposing this > for a few reasons: > > 1. It's easier to deal with identity urls in a centralized location, and it > allows us to avoid including the OpenID extension on every wiki > 2. We could very strictly limit our vulnerability surface on this wiki by > only including what's necessary > 3. At a later point we could decide to limit all authentication to this > location, pointing login links from all projects/wikis here > 4. At a later point we could decide to also use this as a global profile > location > > I'd prefer if we avoid the bikeshedding of the domain name in this > discussion, if we are all in agreement over the use of a centralized wiki. > > Thoughts? > > - Ryan > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l > _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
