what about managing creditentials in ikiwiki itself?

author: http://christian.amsuess.com/chrysn <chrysn@web> 2011-01-27 16:22:15 +0000
committer: Joey Hess <joey@kitenet.net> 2011-01-27 16:22:15 +0000
commit: 4f412100be4679ea984453c8d7a2bc910ee4877f (patch)
tree: 897691ea75056fe408b1f0ab003096229cde2326 /doc/todo
parent: 531f2dbaa734fc1baec17d0bf10d583da70fc376 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/todo/creditentials_page.mdwn b/doc/todo/creditentials_page.mdwn
new file mode 100644
index 000000000..8c6ee4500
--- /dev/null
+++ b/doc/todo/creditentials_page.mdwn
@@ -0,0 +1,9 @@
+pushing [[this|todo/httpauth feature parity with passwordauth]] further: would it make sense for users to have a `$USER/creditentials` page that is by default locked to the user and admins, where the user can state one or more of the below?
+
+* OpenID
+* ssh public key (would require an additional mechanism for writing this to a `authorized_keys` file with appropriate environment variables or prefix that makes sure the commit is checked against the right user and that the user names agree)
+* gpg public key (once there is a mechanism that relies on gpg for authentication))
+* https certificate hash (don't know details; afair the creation of such certificates is typically initiated server-side)
+* password hash (this is generally considered a valuable secret; is this still true with good hashes and proper salting?)
+
+such a page could have a form as described in [[todo/structured page data]] and could even serve as a way of managing users. --[[chrysn]]
author	http://christian.amsuess.com/chrysn <chrysn@web>	2011-01-27 16:22:15 +0000
committer	Joey Hess <joey@kitenet.net>	2011-01-27 16:22:15 +0000
commit	4f412100be4679ea984453c8d7a2bc910ee4877f (patch)
tree	897691ea75056fe408b1f0ab003096229cde2326 /doc/todo
parent	531f2dbaa734fc1baec17d0bf10d583da70fc376 (diff)