On Wed, Jun 25, 2014 at 2:07 PM, Curt, WE7U <[email protected]> wrote: > On Thu, 26 Jun 2014, Liz wrote: >> We shouldn't prevent non-hams from signing up and contributing. > > As I understand it it's an either-or. If people have the certificate then > they're authenticated w/o having to go through the captcha or even the login > procedure. If they're not, then the login/password and Captcha's will > suffice.
Yes, this is accurate. Password authentication can be used alongside certificate authentication. Both mechanisms simply tell MediaWiki "this browser belongs to XXXXX". The caveat is that certificate authentication is a web server setting, so you probably want a port dedicated to certificate authentication, leaving port 443 configured for standard HTTPS + password auth users. If certificate authentication is a must-have, you can allow certificates from multiple CAs. The ARRL just happens to run a reasonable free CA, so that was my first choice. If we wanted to require 100% certificate authentication, we could create our own CA to sign certs for the few Xastir users without amateur radio licenses. Tom KD7LXL _______________________________________________ Xastir mailing list [email protected] http://xastir.org/mailman/listinfo/xastir
