[Python-Dev] Offtopic: OpenID Providers

[Dan Callahan]

On 9/5/13 12:31 PM, Jesus Cea wrote:
> I have big hopes for Mozilla Persona, looking forward
> Python infrastructure support :).

Hi, I'm the project lead on Persona signin, and I spoke at PyCon earlier 
this year regarding why and how Mozilla is building Persona. If you'd 
like some more background, that video [0] is worth a look.

Let's pull this discussion up a level:

It sounds like many people (Jesus, Donald, Toshio, Barry, Tres, Dirkjan, 
etc.) are interested in seeing Persona on Python.org properties, and 
most of the objections coming from a place of "Persona hasn't gone 
viral, what if this is wasted effort?"

We can tackle that from two angles:

1. Dirkjan and I are willing to do the work to make this happen if 
someone from python-devel is willing to guide us through the contributor 
process for these systems.

2. There's a seamless migration path away from Persona if we fail: fall 
back to the pre-existing traditional email/password system using the 
same email addresses that Persona had previously been in charge of 
verifying.

So let's do this. The open web deserves better than just Google+, 
Facebook, or Passwords, and visible support from the Python community 
would be a huge step toward answering the chicken-and-egg objections 
raised in this thread.

At your service,
-Callahad

PS: Freeform OpenID has utterly failed as a user-empowering 
authentication system, and the protocol itself is rapidly being 
supplanted by vendor-specific OAuth[1] systems. If we want to ensure 
that "you *can* (not *must*) use free and open services to access our 
resources," then we must provide an option to use something akin to Persona.

[0]: http://pyvideo.org/video/1764

[1]: "Google's OpenID service is being replaced by Login with OAuth 
2.0." https://developers.google.com/accounts/docs/GettingStarted