summaryrefslogtreecommitdiff
path: root/doc/todo
diff options
context:
space:
mode:
authorhttp://christian.amsuess.com/chrysn <chrysn@web>2011-01-28 01:54:42 +0000
committerJoey Hess <joey@kitenet.net>2011-01-28 01:54:42 +0000
commit8f7ab9f4bf2b3af71b14531e896b5b7043d4814b (patch)
tree22c6a317863bc7af8e2f4b73e1ed3931710bfbc9 /doc/todo
parentc62a529a1aed3ceb5995d893f303be1bfef24726 (diff)
clarification / why do i want this static / it's "credentials"
Diffstat (limited to 'doc/todo')
-rw-r--r--doc/todo/credentials_page.mdwn10
1 files changed, 9 insertions, 1 deletions
diff --git a/doc/todo/credentials_page.mdwn b/doc/todo/credentials_page.mdwn
index 42a63ad16..161f63a80 100644
--- a/doc/todo/credentials_page.mdwn
+++ b/doc/todo/credentials_page.mdwn
@@ -1,4 +1,4 @@
-pushing [[this|todo/httpauth feature parity with passwordauth]] and [[this|todo/htpasswd mirror of the userdb]] further (although rather in the [[wishlist]] priority): would it make sense for users to have a `$USER/creditentials` page that is by default locked to the user and admins, where the user can state one or more of the below?
+pushing [[this|todo/httpauth feature parity with passwordauth]] and [[this|todo/htpasswd mirror of the userdb]] further (although rather in the [[wishlist]] priority): would it make sense for users to have a `$USER/credentials` page that is by default locked to the user and admins, where the user can state one or more of the below?
* OpenID
* ssh public key (would require an additional mechanism for writing this to a `authorized_keys` file with appropriate environment variables or prefix that makes sure the commit is checked against the right user and that the user names agree)
@@ -21,3 +21,11 @@ such a page could have a form as described in [[todo/structured page data]] and
> public keys in `authorized_keys` etc).
> -- GB
+
+>> having multiple login options leading to the same identity, and (more important to me) giving the user an easy way to review and edit them. i'm thinking a bit of foaf+ssl style "i am $USER and you can recognize me by my client certificate $CERTIFICATE" statements.
+>>
+>> the reason why i want this in a static place instead of cgi level is that it can be used, for example, for automatically creating htpasswd files for read-only (cgi-less) replicas of private wikis. furthermore, it all gets versioned and it can easily be seen where the data really is. the credentials have to be filed appropriately by plugins anyway, but that can happen as a part of the regular rebuild process.
+>>
+>> and yes, you're right about the word misusage; thanks for pointing it out and fixing it.
+>>
+>> --[[chrysn]]