LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

OpenID provider vs relying party

OpenID provider vs relying party

Posted Aug 2, 2008 15:47 UTC (Sat) by tialaramex (subscriber, #21167)
In reply to: OpenID provider vs relying party by mmcgrath
Parent article: FUDCon report from the Fedora Project Leader (Red Hat Magazine) 

[This reply is a bit late coming, sorry]

OpenID doesn't forbid you from attaching some site-specific conditions to usage. I see that
the CLA process requires contributors to give you a telephone contact number and a home or
work address. You could easily also ask them to provide an OpenID at this point.

If someone signs into the site using an OpenID that doesn't have a CLA on file, you can send
them to information about joining Fedora. For existing members you can add an account page
which lets them add or remove an OpenID on their account, in the same way that they can
currently change their contact details or password.

If the CLA is taken very seriously (do you follow-up and check that every telephone number is
valid and contacts the person who filled out the form? that every address given is a
residential or office address and that the person lives or works there?) then you might want
to Whitelist OpenID providers based on their authentication policies, but in any case there is
no legal blocker to being a relying party. I hope you can make it happen.

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds