Chris Withers <[email protected]> writes: > You're forgetting the two working single sign on methods. I'd be > surprised if a developer didn't have at least one google account or a > launchpad account.
I'm happy to surprise you: I am a Python developer, a PyPI user, and I have neither a Google account nor a Launchpad account. There's been a rather fragmented discussion (with some messages in ‘python-dev’, some in private email) that I'd like to summarise here: PyPI currently uses OpenID, but defeats much of the point of that system by skipping important parts of the authentication protocol and disallowing all but a small subset of identifiers (those that are within a small set of domains). Some of us, who have OpenIDs that *aren't* in any big-name domain but want to use them to authenticate, are discussing this with PyPI administration (Martin von Löwis) and making great strides in clearing up misunderstandings. I have confidence that this is leading in a good direction, but it's clear this should be happening here on the ‘catalog-sig’ forum. I'll post some representative messages in this thread, and encourage further discussion of the issue here. But first, I need to take this opportunity to publically thank Martin for being very patient over many messages and honestly working to understand our requests. It's Martin's demonstrated desire to figure out how to meet PyPI users's needs that is the basis of my confidence that this will have a happy ending. -- \ “Pinky, are you pondering what I'm pondering?” “I think so, | `\ Brain, but shouldn't the bat boy be wearing a cape?” —_Pinky | _o__) and The Brain_ | Ben Finney _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
