Refactoring the Debtags web interface
Ben Finney
ben+debian at benfinney.id.au
Mon Feb 23 12:23:06 UTC 2009
Peter Palfrader <weasel at debian.org> writes:
> On Mon, 23 Feb 2009, Enrico Zini wrote:
>
> > If Debian were an OpenID provider, then using the Debian OpenID
> > could automatically give some authorization, like assuming that
> > one is a DD. That could have been handy, but indeed not
> > particularly needed.
>
> As openid provides no security whatsoever
Just like an email address, an OpenID is good for identity; security
needs to be dealt with in a separate layer, just as with email. I
don't know who promised OpenID “provides security”, or expects it.
> there's probably not a big chance of us (as in DSA) hopping onto the
> openid hype any time soon.
Given that we willingly use email for identity, despite the fact that
email provides no security, I don't see how this is anything but a
non-sequitur.
--
\ “I fly Air Bizarre. You buy a combination one-way round-trip |
`\ ticket. Leave any Monday, and they bring you back the previous |
_o__) Friday. That way you still have the weekend.” —Steven Wright |
Ben Finney
More information about the Debtags-devel
mailing list