[Systers-dev] Considering LDAP and OpenID
Robin Jeffries
robin at jeffries.org
Thu May 28 19:58:40 PDT 2009
Small comment
On Thu, May 28, 2009 at 1:04 PM, Sarah Mei <sarahmei at gmail.com> wrote:
> Hi Malveeka, I'm excited you're going to be working on this. Let me
> know if there is a concrete way I can help.
>
> On Thu, May 28, 2009 at 12:07 PM, Malveeka Tewari <malveeka at gmail.com>
> wrote:
> > From what I gather from the discussion, the issue with using mailman
> > passwords is that they are not very well protected.
> > But if we can fix these issues with mailman for our implementation,
> > openID seems to be a good idea to work on.
>
> That was my takeaway as well.
>
> > I think we can start implementing an openID
> > provider module for the mailman first, test the effectiveness of single
> > sign on and then once the wiki is up and working we can consider whether
> > or not we want to make the Systers wiki as the openID provider.
>
> I think so. One issue you might run into with mailman's data - people
> generally have a password for each list they subscribe to, so there
> will probably be duplicate email addresses with different passwords
> for people who are on multiple lists. You may need to do some creative
> SQL on the data you pull out to figure out how to consolidate into one
> sign-on.

Mailman has a feature (that I'm pretty sure can be accessed
programmatically), which is to set all the passwords for user X on a site
(systers.org) to the current password for mailing list Y. So it should be
pretty easy to get them all aligned (completely glossing over the issue of
how to communicate this change to the users).

Robin

>
>
> > I might be a bit biased here but using openID should not be very
> > difficult for Systers users to adapt to. It is a new idea agreed, but
> > using openID would mean they would not need to remember separate
> > usernames and passwords for each of their Systers wiki or other systers
> > affiliated accounts.
>
> I see one issue here that is more policy than technical: do you want
> to keep Systers' current mailman passwords, just store them encrypted?
> Or assign everyone a new, one-time password as part of the switchover?
> The latter gives us better security, since the mailman passwords have
> been in the monthly emails. But it's not a great user experience.
>
> Sarah
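The consolidation and switchover options discussed in this thread, as an added example that is not part of the original messages or of Mailman's code: it groups constructed per-list rows by address, flags addresses whose lists carry different passwords, and issues each account a one-time password of which only a salted PBKDF2 hash is stored. The row layout, the function names and the case-insensitive address matching are assumptions.

```python
import hashlib
import secrets
from collections import defaultdict

# Constructed sample rows (list name, subscriber address, per-list password);
# not real Mailman data. One person on several lists can hold several passwords.
ROWS = [
    ("systers", "Ada@example.org", "tulip42"),
    ("systers-dev", "ada@example.org", "river9"),
    ("systers", "grace@example.org", "maple7"),
    ("systers-dev", "grace@example.org", "maple7"),
    ("systers-dev", "lin@example.org", "kite88"),
]

def consolidate(rows):
    """Group per-list rows into one record per address (assumed case-insensitive)."""
    by_email = defaultdict(lambda: {"lists": [], "passwords": set()})
    for list_name, email, password in rows:
        rec = by_email[email.strip().lower()]
        rec["lists"].append(list_name)
        rec["passwords"].add(password)
    return {
        # conflict=True means there is no single old password to carry over
        email: {"lists": sorted(rec["lists"]), "conflict": len(rec["passwords"]) > 1}
        for email, rec in by_email.items()
    }

def _hash(secret, salt):
    # Salted, slow hash so the stored value does not reveal the password
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 200_000)

def issue_one_time_passwords(accounts):
    """Give every account a fresh one-time password; persist only salt and hash."""
    stored, to_send = {}, {}
    for email in accounts:
        otp = secrets.token_urlsafe(12)
        salt = secrets.token_bytes(16)
        stored[email] = {"salt": salt, "hash": _hash(otp, salt), "must_change": True}
        to_send[email] = otp  # delivered once to the user, never written to storage
    return stored, to_send

def verify(stored, email, candidate):
    """Constant-time check of a candidate password against the stored hash."""
    rec = stored[email]
    return secrets.compare_digest(_hash(candidate, rec["salt"]), rec["hash"])
```
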