Hi, On Thu, 11 Mar 2021, Antoine Beaupre wrote: > According to the sso.debian.org wiki page, the service is > "deprecated": > > > If you are a service admin please look into using Salsa for this > > purpose. <https://wiki.debian.org/Salsa/SSO> > > It seems to me that tracker.debian.org should follow this deprecation > and stop using sso.debian.org as a single sign on source, especially > now that Firefox in stable (78, buster) does not support the <keygen> > tag (dropped from Firefox 69) which makes enrolling client certs > particularly painful.
Yeah, but I don't see a reason to disable this until someone has contributed OIDC authentication with salsa.debian.org. I haven't even looked at what it entails. We don't seem to have pyoidc in Debian (https://github.com/rohe/pyoidc) and I don't see any other Python implementation. I wonder what nm.debian.org uses for this. > Apparently, you can still generate client-sides certs with "web > crypto", whatever that means... But that's kind of out of scope here. I managed to renew my certificate by following the instructions on sso.debian.org at least. Cheers, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog <hert...@debian.org> ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄⠀⠀⠀⠀ Debian Long Term Support: https://deb.li/LTS