Clytie, I'm on your site to be focused on addressing the most obvious
problem, first to stop the bleeding.
Regarding to SCM. I'm aware of the current public key structure. As I
see, we need to look on authentication methods on all SCM's in (focus of
comming upgrades) to be prepared.
I found E-mail access on bugtracking at the list of Infrastructure
Requirements, so we need to be aware of an whatever upcoming identity
System to take care on this.
cheers
Gerd
Clytie Siddall wrote:
On 23/06/2008, at 9:51 PM, Gerd Weiss - Sun Germany - ham02 -Sys Admin
wrote:
Forgot to add [email protected]
Gerd Weiss - Sun Germany - ham02 -Sys Admin wrote:
Hello,
last week Nils Fuhrmann asks me to take over the responsibility of
one ESC task: ¨Unified sign on/Federated Identity¨, to drive progress
on that task.
My idea on this, is to develop a centralized Infrastructure to manage
OOo User related maintenance tasks. This includes also authentication
and User roles.
I would like to invite you supporting/working with me on a common
solution on that topic.
further infromation please refer to
http://wiki.services.openoffice.org/wiki/Unified_sign_on
http://wiki.services.openoffice.org/wiki/ESC_dashboard
http://wiki.services.openoffice.org/wiki/Infrastructure_Requirements
Gerd, I agee that a unified login would be very useful. It's already a
big help that QATrack accepts your OpenOffice.org website login. I think
Pootle (our translation interface) does, too, but I created a separate
login before that happened.
This unified identity would need to include SSH keys if we're going to
include source control. I strongly support a move to SVN: I don't think
I have any other project which is still using CVS. SVN is more
widely-used, and thus more familiar to users, than git. Please focus on
SVN. And please get rid of that tunnel: it's a nuisance. Do we really
need it, with SSH?
You could also include PGP keys in the unified identity. Debian does
this to authenticate submissions, but they also build up a Web of Trust
where people contributing code have had their identity confirmed
personally, face-to-face, but a previously-authenticated member of the
WoT. Even if you didn't do that, you could use PGP keys as an augmented
ID when uploading files.
Email access to bug-tracking is very helpful, and checking full
open-source compliance is essential to avoid conflicts later on. The
scale-sensitive improvements to integrating changes will be very
welcome. Currently, it can take you just as long to achieve a very minor
change, as it can to achieve one involving a lot of code modification.
Overall, the unified login will be the biggest help to me. Cookie-based
login is also a huge time-saver: it's one reason people contribute so
readily to wikis. They will log you in automatically. How many of our
OpenOffice.org logins could be cookie-based?
from Clytie
Vietnamese Free Software Translation Team
http://vnoss.net/dokuwiki/doku.php?id=projects:l10n
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
