OpenID - allow untrusted CA (e.g. for self-signed certificates) per-OpenID-provider, or per-user

bugzilla-daemon Sat, 16 Mar 2013 04:46:25 -0700

https://bugzilla.wikimedia.org/show_bug.cgi?id=46189


       Web browser: ---
            Bug ID: 46189
           Summary: OpenID consumer when authenticating an https://OpenID
                    - allow untrusted CA (e.g. for self-signed
                    certificates) per-OpenID-provider, or per-user
           Product: MediaWiki extensions
           Version: master
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: Unprioritized
         Component: OpenID
          Assignee: m...@tgries.de
          Reporter: m...@tgries.de
                CC: wikibugs-l@lists.wikimedia.org
    Classification: Unclassified
   Mobile Platform: ---

see also bug 45324 .

The implementation would require a user_openid table schema change, so that an
additional column uoi_openid_ignore_certificate_check can be added and can be
set to "1". (per user).

"per-OpenID provider" would either require 

+ an additional database table openid_providers which save their properites
including whether not to ignore certificate checks; or
+ hard-coding the value for the preprogrammed providers. 

A setting (checkbox "ignore certificate checks") for manually entered OpenIDs
must be added on the Login and Convert panels.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are watching all bug changes.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 46189] New: OpenID consumer when authenticating an https://OpenID - allow untrusted CA (e.g. for self-signed certificates) per-OpenID-provider, or per-user

Reply via email to