Gerard Meijssen wrote:
Gordon Mohr wrote:
You could settle on one master namespace (wikipedia.org?), then gradually roll sites over to only accepting logins from that namespace, giving people the option along the way of merging their old separate identity histories into the new master login(s). I suspect OpenID could help with the cross-domain logins, even if a final single namespace is the only one accepted for logins.
Given that you suggest "wikipedia.org", you do not appreciate that the uploading of pictures into Commons is one of the more pressing issues. There are MANY projects and wikipedia is only one.. :(
Picking any one namespace as the starting space does not rule out any application on any Wikimedia project.
In any unification -- completely independent of technology used -- it would be natural to start with the one existing namespace. Maybe the largest/most-active, or perhaps the namespace which overlaps all others the most, or perhaps the namespace with the most unique names. You'd then work outward resolving conflicts with other namespaces one by one. And, despite starting with the largest (or most-overlapping or most-unique), that namespace wouldn't necessarily win most conflicts. (It might lose most, because its size means a longer tail of seldom-used accounts.)
I'm guessing the Wikipedia projects are still largest (and also have the most overlap with others and the most unique names), but would be interested in pointers to any numbers which suggest otherwise.
(If existing project names are loaded with politically undesirable semantics, perhaps the best course would be to pick a relatively cryptic, semantically-unloaded 'name' for the unified login -- "WMLX" or some such, which is vaguely but not really an abbrieviation. Then start rolling other legacy namespaces into it. )
My point is the same: you can pick a single namespace, and wind up with a single namespace at the end of the transition, completely independent of the technology used.
Some people seem to be assuming that OpenID/YADIS *necessarily* means allowing signins from multiple and/or foreign namespaces. By my understanding, that's not the case.
I can't tell which of the three options listed at http://meta.wikimedia.org/wiki/Single_login_poll had the most developer support, but SUL-2 and SUL-3 both seem to suggest a transition phase where global and local coexist for a while. That would seem a natural application of the OpenID/YADIS approach, with a single global namespace exporting itself to any number of projects which accept global logins, but still have legacy local logins as well.
I'd also guess that after starting to unify, there could be a backlash when people start losing their logins. Multiple namespaces might then seem more appealing.
Is there a page or past thread capturing prior discussion and decisions about the single-signon goal?
- Gordon
The discussion on single-signon is old. It has been discussed to death. It has had special announced IRC chats dedicated to this subject and you can find the relevant stuff on Meta. A decision has been taken to implement this. Which is great given the problems that there is always someone new, who thinks that OpenID for instance had not been looked into.
I thank Rob Lanphier for providing a link to the Single_login_specifications page at Meta.
- Gordon