openid support for f9?
Richi Plana
myfedora at richip.dhs.org
Thu Nov 8 16:42:07 UTC 2007
A question for the fedora folks: in terms of libraries, what should I
use in pam modules for:
a) string processing & manipulation support (glib?)
b) Network access (specifically HTTP and HTTPS)
c) Diffie-Hellman Key Exchange
Some have multiple implementations and I'm wondering if there are any
that are considered a "core" part of any Fedora installation. By "core",
I really just mean something that's most likely to be installed by even
the most stripped-down version of Fedora.
--
Richi Plana
On Thu, 2007-11-08 at 09:01 -0700, Richi Plana wrote:
> On Thu, 2007-11-08 at 06:50 -0500, Neal Becker wrote:
> > It seems that openid is moving along. Maybe f9 can integrate openid as an
> > SSO solution?
> >
> > http://lwn.net/Articles/255774/
>
> Certainly an interesting concept, but that would pull us way too far
> into the Internet space (as opposed to local or even private domain
> space). How would an openid user map to Linux in terms of UID? Would a
> uid be assigned on a local machine? On the domain (if the machine the
> person is logging into happens to be a part of a bigger network)? Does
> the OpenID spec have provisions for account authorization and
> information? There are still some UNIX-y things needed by current
> distributions that we have to find solutions for.
>
> OTOH, it ties well with the Gnome Online Desktop idea, once you get past
> (or provide for) the things that traditional Unix accounts need. It
> would do well on truly public kiosks where authorization can be some
> public default and accounting based in OpenID.
>
> I was going to try my hand at writing an OpenID PAM module, but found a
> project already started on google
> (http://code.google.com/p/pam-openid/ ) It's linked to from these blogs:
> http://kveton.com/blog/2006/12/10/openid-pam/ and
> http://yablog-gary.blogspot.com/2007/10/openid-pam-and-apache.html .
> According to one site, they had some discussion going, but the posts
> were lost or yanked.
>
> At any rate, I'll play around with the idea and post results there.
> --
>
> Richi Plana
>
More information about the fedora-devel-list
mailing list