[OpenID] OpenID MediaWiki Extension v.0.8.4.1 - Identity Providers UI

Sergey Chernyshev sergey.chernyshev at gmail.com
Mon Apr 20 15:33:13 UTC 2009


Unfortunately, it might be quite hard for MediaWiki admins to set up SSL
comparing to what they do to setup MediaWiki or it's extensions. Looks like
XRDS is "easier" approach to implement.

        Sergey


On Sun, Apr 19, 2009 at 3:46 PM, Peter Williams <pwilliams at rapattoni.com>wrote:

> This could be interesting of itself in the uci spirit of openid.
>
> One can use yahoos willingess to rely without warning on a https realm as
> an authentication scheme. Yahoo implies that the https cert on an https
> realm is "valid" (wrt its trust list, its handling of crls and arls). A
> reputation service can now crawl which sites yahoo so rates, and publish a
> meta reliance signal (by updating its ocsp database for example). Those rp
> doing discovery on smaller ops might configure their ssl client engines to
> use that ocsp source, when qualifying the original yahoo rp (now acting as
> an asserting or attribute authority/agent of the dataowner (ie the user) ).
>
> ________________________________
> From: Allen Tom <atom at yahoo-inc.com>
> Sent: Sunday, April 19, 2009 12:34 PM
> To: Sergey Chernyshev <sergey.chernyshev at gmail.com>
> Cc: Wikimedia developers <wikitech-l at lists.wikimedia.org>;
> general at openid.net <general at openid.net>
> Subject: Re: [OpenID] OpenID MediaWiki Extension v.0.8.4.1 - Identity
> Providers UI
>
> Hi Sergey,
>
> The Yahoo OpenID Provider will display a warning to the user if the RP's
> OpenID endpoints are not discoverable.
>
> Warning: This website has not confirmed its identity with Yahoo! and might
> be fraudulent. Do not share any personal information with this website
> unless you are certain it is legitimate.
>
> The best documentation for fixing this issue is here:
> http://blog.nerdbank.net/2008/06/why-yahoo-says-your-openid-site.html
>
> The AOL Sign-in form fails if the user just clicks the Login Button without
> entering their AOL ScreenName. You might want to  disable the button until
> after the user types in their ScreenName. This will only be an issue until
> AOL upgrades their OpenID Provider from OpenID 1.1 to OpenID 2.0. Once they
> have OpenID 2.0 support, you'll be able to handle AOL logins identically to
> Google and Yahoo.
>
> Good job!
> Allen
>
>
> Sergey Chernyshev wrote:
> Hi,
>
> I'm done with initial implementation of Identity Providers UI for OpenID
> MediaWiki Extension.
>
> Extension now shows a user-friendly (although my design skills are far from
> perfect) form where they can pick from a list of OpenID providers (generic
> OpenID URL form is still default).
>
> You can see it in action here:
> http://www.mediawikiwidgets.org/Special:OpenIDLogin
> http://www.techpresentations.org/Special:OpenIDLogin (without icons - I'll
> enable them later)
>
> After some discussions and concerns here on the list, I implemented it in
> the way that provider logos don't show up by default and if you would like
> to show them on your site, you have to add:
>
>     $wgOpenIDShowProviderIcons = true;
>
> to your LocalSettings.php
>
> Hope you like it, but I'm still open to suggestions about improving the
> interface so you all finally install it on your wikis ;)
>
> Thank you,
>
>        Sergey
>
>
> --
> Sergey Chernyshev
> http://www.sergeychernyshev.com/
>
>
>
> ________________________________
>
> _______________________________________________
> general mailing list
> general at openid.net<mailto:general at openid.net>
> http://openid.net/mailman/listinfo/general
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090420/35ec8f6a/attachment.htm>


More information about the general mailing list