On Fri, Jan 4, 2013 at 9:53 AM, Tyler Romeo <tylerromeo(a)gmail.com> wrote:
[..]
As far as a solution goes, I have a complete codebase
for
Extension:TokenAuth, which allows users to have MediaWiki sign a blinded
token, which can then be used to bypass a specific IP block in order to log
in and edit. It is almost ready; there are just a few functionality
problems with the JavaScript crypto library.
That sounds really cool. However I'm not sure how it solves the
problem. If we allow people to get tokens signed that lets them bypass
the TOR blocks, we may as well just not hand out tor blocks in the
first place (if everyone can get a blinded token), or hand out the
overrides via IP block exempt group (If we limit who can get such
tokens).
-bawolff