On 10/8/2012 1:09 AM, Troy Benjegerdes wrote: > Before I bother with an RFC that nobody other than me cares about, I'd > like to see gerrit.openafs.org *use* the following RFCs, so that I can > trivially log in when authenticated to my own local cell: > > > http://tools.ietf.org/html/rfc4120 > http://tools.ietf.org/html/rfc4178 > http://tools.ietf.org/html/rfc4559
Gerrit supports OpenID. It does not to the best of my knowledge support GSS-API authentication. If you would like to add GSS-API authentication to Gerrit, please discuss it on the Gerrit mailing lists, not on this one. > If given a database dump of the RT database backing rt.central.org, I can > attempt to set up a test version that will allow any realm with manually > configured cross-realm trust to log in. While I appreciate that your intentions are well meaning, central.org is a trusted provider of services to openafs.org. While OpenAFS may make requests of the central.org administrators, their time is hard to come by and the Gatekeepers would rather they spend their efforts on developing the processes necessary to permit broader access to members of the community. Customizing RT to permit SPNEGO authentication is far down on the list. If you want to have a cross-realm key exchange with the GRAND.CENTRAL.ORG realm, you should talk with the administrators. Repeated e-mails to this mailing list is not going to help you. My final comment is that OpenAFS uses central.org because the individuals that run it are trusted to protect the privacy of the data stored within RT. In particular, the contents of non-public queues. Jeffrey Altman
signature.asc
Description: OpenPGP digital signature
