On Tue, Jan 19, 2016 at 4:22 PM, James Salsman <jsals...@gmail.com> wrote: >> Have you looked at using OAuth for authentication? > > Yes; the modules in use support OAuth but we made a conscious decision to > support anonymity. Lack of anonymity can interfere with the operation of the > reviewer reputation database.
I'd love to read the background discussion that led to that decision. Could you identify which part of MediaWiki's OAuth implementation has unacceptable problems regarding anonymity? If you are setting high standards/promises in that regard, your alternative implementation of user authentication will need to be extremely carefully written (as will your entire codebase need very good security auditing). -- John Vandenberg _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l