On Wed, Jun 20, 2012 at 5:26 AM, Lionel Elie Mamane <lio...@mamane.lu> wrote:
> Ah, I understand. When the gerrit repos are the "true one source" and > gerrit will do the "push" automatically once someone validates the > patch in the web interface, what will "Committer" be? The one that > uploaded the patch or the one that validated it in the web interface? That will be dictated by the 'committer'/'author' fiels of the uploaded patch it is not touched afaik by gerrit > >> and isn't the whole point of OpenID is 're-use'. > > And? That I might be able to 're-use' on another website in 5 years > does not make it any easier or more attractive to go through a > double-plus-more-complicated setup to get an OpenID identity > (double-plus-more-complicated compared to clicking "register" and > copy-pasting a random password generated by pwgen or "dd > if=/dev/urandom count=1 bs=9 | uuencode -m foo". Plus the though > choice of "OK, who (which OpenID provider) do I want to give the power > to impersonate me"?) > > To add insult to injury, I cannot 're-use' *any* of my *existing* > reusable authentication methods. I have an OpenPGP card, SSH keys in > files, I have X.509 client certs (in files, on smartcard, ...), > etc. Noooo, it has to be *yet* *another* method. 1/ I did not design nor wrote gerrit (or it would certainly not be in Java. 2/ It is a case of damned if you do, damned if you don;t. The exact same complain about "*yet* another method" was raised because our wiki _does_ not use OpenIDfor auth. 3/ I know that our sysadm are looking at setting up our 'own' OpenID service, if/when that happen and is flexible enough we may be able to patch/configure gerrit so that loggin is just one click awya (just like google-based onpenid is today) Norbert _______________________________________________ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
