Gentoo Archives: gentoo-dev

From: Alec Warner <antarus@g.o>
To: Gentoo Dev <gentoo-dev@l.g.o>
Subject: [gentoo-dev] RFC: Gentoo Identity Provider
Date: Tue, 19 May 2020 01:42:42
1 TL;DR: What if we launched, an identity provider that
2 provides authentication for Gentoo properties? Basically, 1 username /
3 password for wiki, bugs, email, forums, and any other http service[0][1].
5 Today Gentoo has numerous systems that mostly work in a segmented way.
7 - To connect to hosts, we use ssh keys.
8 - Git is authenticated via ssh keys.
9 - Email uses LDAP passwords.
10 - Bugzilla has its own identities, with their own passwords.
11 - Wiki is separate, with its own passwords.
12 - Forums are separate.
13 - Infra has an additional 4 systems that use separate credentials.
15 Some applications support 2FA (such as wiki.)
16 Some applications do not support 2FA.
17 Applications that require 2FA have a configuration for each app, so you
18 have N configurations.
20 If we configured you would have 1 identity across all gentoo
21 properties.
23 Is this a thing people are interested in?
25 [0] It's unlikely operations for git via ssh would change in this rollout.
26 [1] Its unclear if the scope is "gentoo developers" or "any community
27 member." The former have LDAP accounts and email addresses and
28 so we can manage them easily; managing 1000s of other accounts in the IDP
29 remains to be seem.


Subject Author
Re: [gentoo-dev] RFC: Gentoo Identity Provider Fabian Groffen <grobian@g.o>
Re: [gentoo-dev] RFC: Gentoo Identity Provider "Michał Górny" <mgorny@g.o>
Re: [gentoo-dev] RFC: Gentoo Identity Provider Joonas Niilola <juippis@g.o>
Re: [gentoo-dev] RFC: Gentoo Identity Provider Lars Wendler <polynomial-c@g.o>