On Thu, Dec 4, 2008 at 3:10 PM, Ivan Krstić <[EMAIL PROTECTED]> wrote: > Can we please not duke out the issues with OpenID on this particular list?
+1. Two quick notes to Sebastian - Ben's criteria on security and the internet is surprisingly important as he's one of the key devs behind the apache https implementation. And - if you read his posts on his blog... you'll see that the OpenID guys ended up agreeing, and working out together that a native browser implementatino is the only safe path. Those are two tidbits you'll find if you follow that (now old) conversation. ... > But > I've come around since then -- an XS IdP will probably mean people expect to > be able to use their OpenID from anywhere, including e.g. internet cafe > machines that are not their XOs, in which case the strong OOB authentication > to the IdP would be absent, thus we're back down to a password, thus we go > down the rabbit hole of stupidity that I was trying to avoid in the first > place. Well, that scenario I think is alright -- their identity "naturalyl" with them if they have their XO, but without it... well, it's not. Still, it would only be with them at an internet cafe with their XO if their IDP is internet-visible and authenticates them over the Internet connection. In other words: not by default on any XS build, possibly never ;-) (hopefully something that is opt-in for the local team once the bits are in place...) > For those just tuning > in, the whole story of Jabber on the XO has basically been colorfully > fucked, as has that of the entire collaboration stack. I suggest further > proposals of actually using Jabber for anything wait until the basic XO > implementation gets to the point where IRC was 20 years ago -- namely, > working. Well put. There's another (offtopic) bit of news on that saga: it turns out that a part of the problem (on the XS side at least) has been because little time has been spent understanding ejabberd. Now, ejabberd has gotten significantly better lately at things that we care about, but with a bit of doco-reading-fu ejabberd is turning out to be a very reliable workhorse. Just got to know how to talk to it :-) m -- [EMAIL PROTECTED] [EMAIL PROTECTED] -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff _______________________________________________ Sugar-devel mailing list Sugar-devel@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/sugar-devel