Google shuts down the OpenID 2.0 on April 20, 2015

Norbert Thiebaud nthiebaud at gmail.com
Tue Nov 11 13:44:49 PST 2014


On Tue, Nov 11, 2014 at 2:37 PM, Robinson Tryon
<bishop.robinson at gmail.com> wrote:
> On Tue, Nov 11, 2014 at 2:29 PM, Norbert Thiebaud <nthiebaud at gmail.com> wrote:
>>>> I think that the most promising alternative would be to set up OpenID
>>>> service on TDF infrastructure.
>>
>> between fedora,
>
> I poked around, but couldn't find any publicly-accessible OpenID
> service provided by Fedora the OS (I didn't poke at Fedora Commons).

http://fedoraproject.org/wiki/OpenID

I have not tried to get one myselft, but I have seen them used to log
on to gerrit.

>
>> launchpad, yahoo, fb, blogger, wordpress, etc... there
>> are already plenty.
>
> Lots of people don't trust any of those services. I'm hesitant to
> require contributors to enter into a trust agreement with a 3rd party
> such as Canonical or Google as a requirement to contribute to
> LibreOffice development. If it's at all technically possible, I think
> our developers should have a choice.

That ship has sailed.
We _already_ require that.
The only problem now is that google is leaving the field.

>>> Feature #308 (New): single sign-on for bugzilla and redmine
>>> https://redmine.documentfoundation.org/issues/308
>>
>> that is not an infra-related bug.. that is a Bugzilla 'bug'.
>
> Insofar as we want to make it easier for people to use our bug tracker
> (and other project resources), I see it as something of concern to
> both our QA and Infra teams.

'Infra' is about providing and infra-structure and insuring its
availability, not coding new features in upstream project.

>
>> there are a couple of seemingly abandoned attempt
>
> Yep. I'd like to avoid having Persona for Bugzilla + MozTrap and then
> a separate OpenID for Gerrit, Ask, Redmine, TDF Wiki, etc.., but
> perhaps 2 sets of logins are preferable to 8.

Having a TDF hosted openid will not solve that issue.
and unless there is a universal single-signon method supported by all
these tools, this is just the way it is.
Solving that problem is an effort to be done upstream, in bugzilla and Moztrap

btw: http://www.eweek.com/blogs/security-watch/mozilla-gives-up-on-persona-single-sign-on-for-now.html


but if we seriously want a hosted system, the only thing that is know
to work is LDAP...
I'm not quite fluent in ldap, but I am under the impression that it is
not well suited to 'open public registration' kind of scheme....

Norbert


More information about the LibreOffice mailing list