On Thu, Jul 25, 2002 at 08:39:32AM -0400, Jens Vagelpohl wrote:
Considering that most Zope users are interested in most of these sites, except when the language is not english, and that some want to really participate, I think this registration process quickly becomes very boring, and remembering all the different passwords is difficult, unless you always use the same which is insecure.
i'm not sure about that assertion. i think a typical usage pattern is more like "everyone has their own small set of sites they visit regularly".
probably because registering is boring...
i think what you *really* want (and the only thing that make bring any kind of difference to users at all) is single sign-on. i log into zope.org and when i jump to zopezen it will recognize and use the credentials i just entered when i visited zope.org.
yes that was it.
having all users in the same repository will not make much of a difference to users.
to webmasters it will ;-)
you still have to "log in" every time you visit a different site. that would not bring any discernible advantage, other than the fact that you would have the same username and password on all those sites. same username and password is kind of bad in itself because if some script kiddie finds out about one login he knows them all.
problem with centralized user repository: who would be administering such a server? who would be available if one site's webmaster or user has problems and needs assistance?
hey we are not speaking about vital data here. needs assistance : asks a dedicated ML all participating webmasters would be user repository admins anyway (co-opted by the others) no answer => try IRC or retry later. the more sites which participate, the better support service we have.
well, ok, now you have all users in a single directory. i don't see how that would bring the community together more. it makes zero difference to the user, apart from having the same username/password all over.
yes I meant single sign-on to any participating site allows one to access any other one with the same authentication information. bye, Jerome Alet