Google shuts down the OpenID 2.0 on April 20, 2015
nthiebaud at gmail.com
Tue Nov 11 07:39:27 PST 2014
On Tue, Nov 11, 2014 at 9:19 AM, Wols Lists <antlists at youngman.org.uk> wrote:
> On 11/11/14 15:07, Norbert Thiebaud wrote:
>> On Mon, Nov 10, 2014 at 3:43 PM, David Ostrovsky <d.ostrovsky at gmx.de> wrote:
>>> > Just to inform you, that Google shuts down the OpenID 2.0
>>> > service on April 20, 2015, as explained in this announcement .
>>> > I know that some folks use it for Gerrit authentication.
>> Does github has a openid 2.0 service ? does it work with gerrit ?
>> What is the replacement that the gerrit project plan to use
>> (after all a lot of the project is google-centric no ? )
>>> > I think that the most promising alternative would be to set up OpenID
>>> > service on TDF infrastructure.
>> Do you know how to do that ?
>> But more to the point, what is the benefit of having a openid provider
>> for _one_ service...
> I was thinking along those lines...
> Would there be any interest amongst other Libre Software projects in
> maintaining a shared OpenID infrastructure?
That is not the axes I was describing.. I was not talking about the
issue of shrea/duplicated infrastructure but the issue from the user
perspective... well from _this_ user perspective.
1/ there is a need of an auth step
2/ that involve a key and/or a user/password
3/ where google openid is a big win for me is that, if I am already
logged-in to gmail, then I get gerrit login for 'free' no additional
user/password to type.
4/ having a tdf openid (or any other openid for that matter) is
negating that benefit unless I am already logged in to another service
sharing that openid.. Which I do not.
So your mileage may vary, but for me, if it is not gmail centric then
there is no difference between openid and a regular user/password
5/ if it is just a matter of having a 'shared' openid, hosted by an
open source project.. then, as Bjoern mentioned, there is already
launchpad to fulfill that function. it already exist, is widely used,
has to have a well supported and maintained infra behind it that
guarantee a very high uptime, and has already strong incentive to make
sure the thing is as secured as it can be... I do not see the point of
re-inventing the wheel. we have better things to do with our infra
than indulge in NIH syndrome.
More information about the LibreOffice