Enrico Zini <enr...@enricozini.org> writes: > About authenticated access: > > - I do not want to maintain another user/password database: this > should be done with Openid
I heartily applaud this decision. > and a whitelist of identity providers that every DD can easily use > (like alioth or debian) What of those that use an OpenID provider not on the whitelist? (I imagine some not insignificant number of hackers run their own personal OpenID server, so an ever-expanding whitelist seems not to address the issue.) What of non-DDs who do not necessarily have an account on any of those services, but are still valid users for authenticating in the Debtags system? -- \ “Free thought is a necessary, but not a sufficient, condition | `\ for democracy.” —Carl Sagan | _o__) | Ben Finney -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org