Main comment: Sounds like LDAP to me. Florian Fuchs writes:
> 5) It should implement an oAuth provider. I don't see this. Mailman is an auth consumer. The only people Mailman can provide auth for are the site admins. Everybody else is more or less untrustworthy. I can see that there are applications where it would be useful to have an auth provider bundled with Mailman, but I think implementing it is somebody else's job. > This could be used for API authenticaion and to log into > Postorius/Hyperkitty I think generic auth provider is overkill for these purposes, and a trap for anybody who thinks we know enough about crypto/security to do this stuff well. _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://wiki.list.org/x/AgA3 Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://wiki.list.org/x/QIA9
