openid support for f9?

Thu Nov 8 18:58:59 UTC 2007

On Thu, 2007-11-08 at 13:13 -0500, Matthias Clasen wrote:
> On Thu, 2007-11-08 at 12:54 -0500, Simo Sorce wrote:
> > On Thu, 2007-11-08 at 09:01 -0700, Richi Plana wrote:
> > > Certainly an interesting concept, but that would pull us way too far
> > > into the Internet space (as opposed to local or even private domain
> > > space). How would an openid user map to Linux in terms of UID? Would a
> > > uid be assigned on a local machine? On the domain (if the machine the
> > > person is logging into happens to be a part of a bigger network)? Does
> > > the OpenID spec have provisions for account authorization and
> > > information? There are still some UNIX-y things needed by current
> > > distributions that we have to find solutions for.
> > 
> > We have the problem of UIDs in the enterprise space right now even
> > without OpenID in the mix.
> > 
> > The problem being Posix and Linux/UNIX really are not "network-aware"
> > when it comes to identity.
> 
> This seems like an excellent occasion to point to the freeIPA project
> (wwww.freeeipa.org), which we will hopefully start to appear in Fedora
> fairly soon.

Yes actually I will try to pursue my plan as part of FreeIPA as well.
Right now freeipa still uses the classic approach (all uids need to be
consolidated), because the other plan needs kernel and userland support,
and anyway other Unices will need it for long.

But if you are interested in Identity management problems, be sure to
follow that project as I am willing to tackle one of them at a a time
there.

/Simo not afraid of trying to fight with the Mills.