[OpenID] Logging in problem

Peter Williams pwilliams at rapattoni.com
Mon Dec 15 19:00:45 UTC 2008 

Be as tired as you like. Its immaterial to the scalability of security management for 2 billion users.

Lets test who actually cannot play (and find out what/who is debian?). I have a ca, and its supporting my op. Its not known to be regisitered with debian (whoever they are).

Lets see who the foundation prevents from registering/enrolling (because of their ops choice of ca).

The interesting case is/was eddy, whose ca used to be denied for openid discovery (the one case "that doesn't exist"...). We will see if the foundaton added eddys ca, or it came in via debian ctl (what power!)

-----Original Message-----
From: David Recordon <drecordon at sixapart.com>
Sent: Monday, December 15, 2008 10:32 AM
To: Peter Williams <pwilliams at rapattoni.com>
Cc: chris.messina at gmail.com <chris.messina at gmail.com>; Peat Bakke <peat.bakke at bluehillsolutions.com>; general at openid.net List <general at openid.net>
Subject: Re: [OpenID] Logging in problem


I'd imagine the CA list is whatever is provided by Debian.
Considering *not a single person* has complained about running into a
problem around using a SSL enabled OpenID, I'm getting a bit tired of
the hypothetical conversation. :)

On Dec 15, 2008, at 10:06 AM, Peter Williams wrote:

> Since voting requires membership, and membership requires an openid
> (and the Foundation relying on it), can folks disclose what the
> Foundation services' configuration(s) is/are for https openids,
> please.
>
>
> Are there perfectly legitimate consumer CAs out there which cannot
> be used with a UCI-based openid = membership = vote, because of the
> configuration?
>
> What is the list (if any) of CAs that may be used for vote
> registration (ie. Membership), if one a subscriber chooses an https
> OpenID?
>
> What is the list (if any) of CAs that may be used for vote casting,
> if a member chooses an https  OpenID?
>
> Is there any difference in the list, and how is the lists(s) being
> decided?
>
> Can one registered multiple openids with the member profile (like
> Plaxo allow, analogously)?
>
> Is there a policy of controlling changes to the CA lists(s) between
> registration and voting? For example, could voting using the member-
> registered OpenID fail, if the CA falls off the authorized list
> before voting day, or the cert expires, or its own authority's CRL
> posts a suspended status?
>
>
>
>> -----Original Message-----
>> From: general-bounces at openid.net [mailto:general-
>> bounces at openid.net] On
>> Behalf Of chris.messina at gmail.com
>> Sent: Monday, December 15, 2008 9:01 AM
>> To: Peat Bakke
>> Cc: general at openid.net List
>> Subject: Re: [OpenID] Logging in problem
>>
>> Thanks.
>>
>> Perhaps the first (and only) option/step should be: "to get started,
>> please sign in with an OpenID". I know that after I first purchased
>> my
>> membership and returned, I was confused by seeing the membership form
>> again.
>>
>> Speaking of, has the session length been extended to 2 weeks?
>>
>> And is it possible for non-US addresses to be used when registering?
>>
>> Chris
>>
>> On 12/15/08, Peat Bakke <peat.bakke at bluehillsolutions.com> wrote:
>>> Chris,
>>>
>>> I counted 13 visitors who were affected by this, 9 of who were able
>> to
>>> continue after clicking the "Sign In" link at the top of the
>>> page ...
>>> the error was happening when people attempted to move to the next
>> step
>>> without having authenticated their ID.  We prevented the error from
>>> happening, and we can update the UI to make it more explicit that
>>> the
>>> OpenID is required to continue.
>>>
>>> Thanks,
>>> -Peat
>>>
>>> On Mon, Dec 15, 2008 at 8:34 AM,  <chris.messina at gmail.com> wrote:
>>>> I'll give this a go when I'm off my iPhone, but us there an error
>> log
>>>> available to give us some sense for the number of people this might
>>>> have effected?
>>>>
>>>> Chris
>>>>
>>>> On 12/15/08, Brian Kissel <bkissel at janrain.com> wrote:
>>>>> Hello All,
>>>>>
>>>>>
>>>>> Refresh Media reports that the bug that caused the "The change you
>> wanted
>>>>> was rejected. Maybe you tried to change something you didn't have
>> access
>>>>> to"
>>>>> has been fixed.
>>>>>
>>>>>
>>>>>
>>>>> Please give it a try and let them know if you're still
>>>>> experiencing
>> the
>>>>> problem.
>>>>>
>>>>>
>>>>>
>>>>> Thanks,
>>>>>
>>>>>
>>>>> Brian
>>>>>
>>>>> ==============
>>>>>
>>>>> Brian Kissel
>>>>>
>>>>> Cell: 503.866.4424
>>>>>
>>>>> Fax: 503.296.5502
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Chris Messina
>>>> Citizen-Participant &
>>>> Open Technology Advocate-at-Large
>>>> factoryjoe.com # diso-project.org
>>>> citizenagency.com # vidoop.com
>>>> This email is:   [ ] bloggable    [X] ask first   [ ] private
>>>>
>>>
>>>
>>>
>>> --
>>> Peat Bakke
>>> (503) 701-4135
>>>
>>
>>
>> --
>> Chris Messina
>> Citizen-Participant &
>>  Open Technology Advocate-at-Large
>> factoryjoe.com # diso-project.org
>> citizenagency.com # vidoop.com
>> This email is:   [ ] bloggable    [X] ask first   [ ] private
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

More information about the general mailing list