[Distutils] Google Auth is broken for PyPI

Nick Coghlan ncoghlan at gmail.com
Wed Feb 11 06:26:07 CET 2015

On 11 February 2015 at 04:28, Jeremy Stanley <fungi at yuggoth.org> wrote:
> On 2015-02-10 12:33:29 -0500 (-0500), Donald Stufft wrote:
> [...]
>> In a slightly hypocritical view point, I actually think that at
>> some point we should get something like id.python.org which is an
>> IdP and switch all of the *.python.org sites to authenticate
>> against that instead of keeping local user accounts. This would
>> reduce the number of passwords that Python inflicts on people but
>> it still keeps authentication within our (PSF/Python/whatever)'s
>> control. This is more along the lines of implementing SSO using a
>> federated auth technology than actual federated auth though.
> The OpenStack community is in the process of doing this already (for
> exactly all of the same reasons you stated), so I'm happy to discuss
> details or point you to relevant ML/IRC conversations and software
> if it helps in any way.

Likewise, although in my case, Fedora had the Fedora Account System in
place long before I got involved in the project, and in my experience
it works well :)


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia

More information about the Distutils-SIG mailing list