I believe the OpenID extension is matured to the point where it's usable on the Wikimedia projects, acting as an OpenID provider. The extension still needs review and such, but I think it's a good time to discuss how we'd like to implement this on the projects.
My preference for this would be to have a centralized wiki for identity urls. The identity urls would be based on user pages. I'm proposing this for a few reasons:
1. It's easier to deal with identity urls in a centralized location, and it allows us to avoid including the OpenID extension on every wiki 2. We could very strictly limit our vulnerability surface on this wiki by only including what's necessary 3. At a later point we could decide to limit all authentication to this location, pointing login links from all projects/wikis here 4. At a later point we could decide to also use this as a global profile location
I'd prefer if we avoid the bikeshedding of the domain name in this discussion, if we are all in agreement over the use of a centralized wiki.
Thoughts?
- Ryan