TL;DR: What if we launched id.gentoo.org, an identity provider that provides authentication for Gentoo properties? Basically, 1 username / password for wiki, bugs, email, forums, and any other http service[0][1].
Today Gentoo has numerous systems that mostly work in a segmented way. - To connect to hosts, we use ssh keys. - Git is authenticated via ssh keys. - Email uses LDAP passwords. - Bugzilla has its own identities, with their own passwords. - Wiki is separate, with its own passwords. - Forums are separate. - Infra has an additional 4 systems that use separate credentials. Some applications support 2FA (such as wiki.) Some applications do not support 2FA. Applications that require 2FA have a configuration for each app, so you have N configurations. If we configured id.gentoo.org you would have 1 identity across all gentoo properties. Is this a thing people are interested in? [0] It's unlikely operations for git via ssh would change in this rollout. [1] Its unclear if the scope is "gentoo developers" or "any community member." The former have LDAP accounts and @gentoo.org email addresses and so we can manage them easily; managing 1000s of other accounts in the IDP remains to be seem.
