OpenID yadda yadda yadda...

Ben Finney bignose+hates-spam at benfinney.id.au
Thu Mar 12 02:09:22 GMT 2009


Martin Pool <mbp at sourcefrog.net> writes:

> Being an OpenID consumer would be useful. However there are some
> things Launchpad needs to do that are not (afaik) in the scope of
> openid, including getting a password and/or gpg key, and getting a
> verified mail address.

An OpenID consumer (also called a “relying party” these days) can
request the provider to supply values for various attributes [0],
either at registration time or another occasion.

An email address is a very common attribute to exchange during
registration. I expect a GPG public key would also be suitable for
attribute exchange.

> It would also be nice if Launchpad automatically trusted gpg
> signatures from people with reasonably well-connected keys, and also
> implicitly created records for people who want to open bugs without
> explicitly creating an account.

Yes, that latter would be ideal from my perspective: my first
interaction with submitting a bug report should be to *submit the bug
report*, not be forced to set up a new identity. One reason why I use
Debian is that I can immediately report bugs from anywhere with very
little distraction from just sending the bug report.


[0] <URL:http://openid.net/specs/openid-attribute-exchange-1_0.html>
    and <URL:http://www.axschema.org/>

-- 
 \       “Liberty, n. One of imagination's most precious possessions.” |
  `\                   —Ambrose Bierce, _The Devil's Dictionary_, 1906 |
_o__)                                                                  |
Ben Finney




More information about the bazaar mailing list