Web lists-archives.com

Re: Single Sign On for Debian




On 2017-08-20 16:28:05, Luca Filipozzi wrote:
> As expressed during the DC17 DSA and Cloud BoFs, I'm in favour of two
> related but orthogonal things:
> 1 collapsing user management into a single user store (LDAP)**
> 2 introducing SAML or OIDC IdPs so that we can tie into AWS, Azure, and
>   GCP SSO features
> 
> 1 isn't necessarily a pre-requisite for 2 but the mishmash of processing
> we have Guest vs DM vs DD is fugly (let alone Alioth-type users).

Looking at the above from Cloud Team member perspective I'd like to see this
done. I also know that JEB was suggesting something similar some time ago.
I don't think that any of the Cloud Team members or DDs would be against this
solution, but if they would is it should be know, that's why cross post to
debian-cloud (sorry for this) so people can vice their opinion.

At this point in time I'm not capable of helping with backends but I could
help with integrating db.d.o with our AWS account (I'm one of the admins)
however we'll choose to do it.

From experience I also know that not too many non DD or DMs are having access to
those (AWS,GCP) accounts. So focusing on those 2 groups should be sufficient
for start.
-- 

|_|0|_|                                                  |
|_|_|0|                  "Panta rei"                     |
|0|0|0|             -------- kuLa --------               |

gpg --keyserver pgp.mit.edu --recv-keys 0x686930DD58C338B3
3DF1  A4DF  C732  4688  38BC  F121  6869  30DD  58C3  38B3

Attachment: signature.asc
Description: PGP signature