[OpenID] Logging in problem

chris.messina at gmail.com chris.messina at gmail.com
Mon Dec 15 19:09:24 UTC 2008 

Peter, I think you've amply registered your concern about the list of CAs.

Debian is the open source operating system running the server. I
believe the approved CAs can be discovered from the project's website.

As for your concern, I believe it is up to the membership committee to
handle any non-supported CAs. Therefore, if you cannot sign in to the
site, please email membership at oidf.org. As there are currently less
than 200 paid members, I believe that your constant revisiting of this
issue is nonproductive and should only be raised with membership@ if
indeed anyone is unable to authenticate themselves.

As David said, this issue is purely hypothethical, whereas as the
original error is known to have affected 13 people.

Chris
On 12/15/08, Peter Williams <pwilliams at rapattoni.com> wrote:
> Be as tired as you like. Its immaterial to the scalability of security
> management for 2 billion users.
>
> Lets test who actually cannot play (and find out what/who is debian?). I
> have a ca, and its supporting my op. Its not known to be regisitered with
> debian (whoever they are).
>
> Lets see who the foundation prevents from registering/enrolling (because of
> their ops choice of ca).
>
> The interesting case is/was eddy, whose ca used to be denied for openid
> discovery (the one case "that doesn't exist"...). We will see if the
> foundaton added eddys ca, or it came in via debian ctl (what power!)
>
> -----Original Message-----
> From: David Recordon <drecordon at sixapart.com>
> Sent: Monday, December 15, 2008 10:32 AM
> To: Peter Williams <pwilliams at rapattoni.com>
> Cc: chris.messina at gmail.com <chris.messina at gmail.com>; Peat Bakke
> <peat.bakke at bluehillsolutions.com>; general at openid.net List
> <general at openid.net>
> Subject: Re: [OpenID] Logging in problem
>
>
> I'd imagine the CA list is whatever is provided by Debian.
> Considering *not a single person* has complained about running into a
> problem around using a SSL enabled OpenID, I'm getting a bit tired of
> the hypothetical conversation. :)
>
> On Dec 15, 2008, at 10:06 AM, Peter Williams wrote:
>
>> Since voting requires membership, and membership requires an openid
>> (and the Foundation relying on it), can folks disclose what the
>> Foundation services' configuration(s) is/are for https openids,
>> please.
>>
>>
>> Are there perfectly legitimate consumer CAs out there which cannot
>> be used with a UCI-based openid = membership = vote, because of the
>> configuration?
>>
>> What is the list (if any) of CAs that may be used for vote
>> registration (ie. Membership), if one a subscriber chooses an https
>> OpenID?
>>
>> What is the list (if any) of CAs that may be used for vote casting,
>> if a member chooses an https  OpenID?
>>
>> Is there any difference in the list, and how is the lists(s) being
>> decided?
>>
>> Can one registered multiple openids with the member profile (like
>> Plaxo allow, analogously)?
>>
>> Is there a policy of controlling changes to the CA lists(s) between
>> registration and voting? For example, could voting using the member-
>> registered OpenID fail, if the CA falls off the authorized list
>> before voting day, or the cert expires, or its own authority's CRL
>> posts a suspended status?
>>
>>
>>
>>> -----Original Message-----
>>> From: general-bounces at openid.net [mailto:general-
>>> bounces at openid.net] On
>>> Behalf Of chris.messina at gmail.com
>>> Sent: Monday, December 15, 2008 9:01 AM
>>> To: Peat Bakke
>>> Cc: general at openid.net List
>>> Subject: Re: [OpenID] Logging in problem
>>>
>>> Thanks.
>>>
>>> Perhaps the first (and only) option/step should be: "to get started,
>>> please sign in with an OpenID". I know that after I first purchased
>>> my
>>> membership and returned, I was confused by seeing the membership form
>>> again.
>>>
>>> Speaking of, has the session length been extended to 2 weeks?
>>>
>>> And is it possible for non-US addresses to be used when registering?
>>>
>>> Chris
>>>
>>> On 12/15/08, Peat Bakke <peat.bakke at bluehillsolutions.com> wrote:
>>>> Chris,
>>>>
>>>> I counted 13 visitors who were affected by this, 9 of who were able
>>> to
>>>> continue after clicking the "Sign In" link at the top of the
>>>> page ...
>>>> the error was happening when people attempted to move to the next
>>> step
>>>> without having authenticated their ID.  We prevented the error from
>>>> happening, and we can update the UI to make it more explicit that
>>>> the
>>>> OpenID is required to continue.
>>>>
>>>> Thanks,
>>>> -Peat
>>>>
>>>> On Mon, Dec 15, 2008 at 8:34 AM,  <chris.messina at gmail.com> wrote:
>>>>> I'll give this a go when I'm off my iPhone, but us there an error
>>> log
>>>>> available to give us some sense for the number of people this might
>>>>> have effected?
>>>>>
>>>>> Chris
>>>>>
>>>>> On 12/15/08, Brian Kissel <bkissel at janrain.com> wrote:
>>>>>> Hello All,
>>>>>>
>>>>>>
>>>>>> Refresh Media reports that the bug that caused the "The change you
>>> wanted
>>>>>> was rejected. Maybe you tried to change something you didn't have
>>> access
>>>>>> to"
>>>>>> has been fixed.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Please give it a try and let them know if you're still
>>>>>> experiencing
>>> the
>>>>>> problem.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>>
>>>>>> Brian
>>>>>>
>>>>>> ==============
>>>>>>
>>>>>> Brian Kissel
>>>>>>
>>>>>> Cell: 503.866.4424
>>>>>>
>>>>>> Fax: 503.296.5502
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Chris Messina
>>>>> Citizen-Participant &
>>>>> Open Technology Advocate-at-Large
>>>>> factoryjoe.com # diso-project.org
>>>>> citizenagency.com # vidoop.com
>>>>> This email is:   [ ] bloggable    [X] ask first   [ ] private
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Peat Bakke
>>>> (503) 701-4135
>>>>
>>>
>>>
>>> --
>>> Chris Messina
>>> Citizen-Participant &
>>>  Open Technology Advocate-at-Large
>>> factoryjoe.com # diso-project.org
>>> citizenagency.com # vidoop.com
>>> This email is:   [ ] bloggable    [X] ask first   [ ] private
>>> _______________________________________________
>>> general mailing list
>>> general at openid.net
>>> http://openid.net/mailman/listinfo/general
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>
>
>


-- 
Chris Messina
Citizen-Participant &
  Open Technology Advocate-at-Large
factoryjoe.com # diso-project.org
citizenagency.com # vidoop.com
This email is:   [ ] bloggable    [X] ask first   [ ] private

More information about the general mailing list