[Catalog-sig] OpenID login to PyPI

Ben Finney ben+python at benfinney.id.au
Wed Nov 18 08:39:12 CET 2009

"Martin v. Löwis" <martin at v.loewis.de> writes:

> > Since OpenID is an authentication solution, you should probably just
> > accept the claimed identity as the username.
> It can't work that way, and shouldn't. First, OpenID defines the
> Simple Registration extensions (SREG) to explicitly cover a nickname,
> and also provide an email address. Whether or not I trust these data -
> at a minimum, I should use them - that's what OpenID users expect to
> happen.

Martin is correct here. The ‘nickname’ field is expected to become the
username for the newly-registered site-local account.

 \     “It's my belief we developed language because of our deep inner |
  `\                  need to complain.” —Jane Wagner, via Lily Tomlin |
_o__)                                                                  |
Ben Finney

More information about the Catalog-SIG mailing list