On Fri, Jan 4, 2013 at 9:53 AM, Tyler Romeo tylerromeo@gmail.com wrote: [..]
As far as a solution goes, I have a complete codebase for Extension:TokenAuth, which allows users to have MediaWiki sign a blinded token, which can then be used to bypass a specific IP block in order to log in and edit. It is almost ready; there are just a few functionality problems with the JavaScript crypto library.
That sounds really cool. However I'm not sure how it solves the problem. If we allow people to get tokens signed that lets them bypass the TOR blocks, we may as well just not hand out tor blocks in the first place (if everyone can get a blinded token), or hand out the overrides via IP block exempt group (If we limit who can get such tokens).
-bawolff