[Catalog-sig] OpenID login to PyPI
Ben Finney
ben+python at benfinney.id.au
Wed Nov 18 08:39:12 CET 2009
"Martin v. Löwis" <martin at v.loewis.de> writes:
> > Since OpenID is an authentication solution, you should probably just
> > accept the claimed identity as the username.
>
> It can't work that way, and shouldn't. First, OpenID defines the
> Simple Registration extensions (SREG) to explicitly cover a nickname,
> and also provide an email address. Whether or not I trust these data -
> at a minimum, I should use them - that's what OpenID users expect to
> happen.
Martin is correct here. The ‘nickname’ field is expected to become the
username for the newly-registered site-local account.
--
\ “It's my belief we developed language because of our deep inner |
`\ need to complain.” —Jane Wagner, via Lily Tomlin |
_o__) |
Ben Finney
More information about the Catalog-SIG
mailing list