On Mon, Aug 07, 2006 at 10:28:01AM +0200, Daniel Kinzler wrote:
interiot@68k.org wrote:
If there's really a need for opt-in, I think that the toolserver should provide a better method for authenticating users.
This seems like a perfect application for OpenId http://openid.net/. I haven't read the specs and don't know how exactly it works, but it shouldn't be hard to implement. MediaWiki already has an OpenID extension, see http://svn.wikimedia.org/viewvc/mediawiki/trunk/extensions/OpenID/
-- Daniel
If OpenID was installed at all wikimedia servers, that would work, and it would avoid replication lag.
If enwiki replication was working though, we wouldn't need anything very complicated... a special database login would have access to the verification information, and most toolserver apps run on a single web domain, so it's straightforward to pass cookies from a central sign-on to all toolserver tools, and we would just need something like asymmetric encyrption to make sure the cookies can't be modified.
-Dave