[Concordia] [Fwd: [OpenID] concordia's mediawiki and openid handling: fussy? pape sensitive?]

Eric Tiffany eric at projectliberty.org
Mon Apr 7 08:57:35 EDT 2008 

Thanks for the heads up.  I am, of course, curious, how Peter (or anyone
else on the openid list) will get their questions answered.

In any case, iirc David Recordon wrote the code that implements OpenID on
the Concordia wiki.  At that time, I don't think there was official
MediaWiki support, fussy or otherwise.  Newer versions of MediaWiki may have
builtin (or "official" addon) support, but we are not using that.

And for the conspiracy theorists, I can assure you that there is no
Concordia whitelist (unless it is embedded in David's implementation, and we
don't know about it).

I've CC'd Oliver who maintains our wiki server, in case I've told any lies.

ET


On 4/7/08 3:34 AM, "Paul Madsen" <paulmadsen at rogers.com> wrote:

> FYI
> 
> paul
> 
> -------- Original Message --------
> Subject:  [OpenID] concordia's mediawiki and openid handling: fussy?
> pape sensitive?
> Date:  Sun, 6 Apr 2008 22:50:33 -0700
> From:  Peter Williams <pwilliams at rapattoni.com>
> To:  general at openid.net <general at openid.net>
> 
> 
> 
> On http://projectconcordia.org/index.php/User:Homepw, I posted a couple
> of screen shots of succeeding and failing messages sent to mediawiki,
> attempting to logon to the concordia website. MyOpenID works. (Vidoop
> also works. openid.trustbearer.com even works, with its smartcard
> logon.) My OP at TrustBearer <mailto:OP at TrustBearer> does not (even tho its
> openids work on Plaxo and various other sites).
>  
> I notice that both vidoop and myopenid send open.identity fields in
> strict normal form. They do not send http://homepw.myopenid.com
> <x-excid://BC120000/uri:http://homepw.myopenid.com/> but
> http://homepw.myopenid.com/ (with trailing slash). Is Media Wiki fussier
> about such things than plaxo? I suspect not, as openid.trustbearer.com
> works on mediawiki even though it sends
> openid.identity=http%3A%2F%2Fopenid.trustbearer.com%2Fpeterw .
>  
> I notice that unlike myopenid, vidoop, and trustbearer , my
> OP at trustbearer <mailto:OP at trustbearer> is sending openid.pape signals..
> Is Media Wiki fussy about such verifying such pape signals -- that it
> may not have requested?
>  
> I suppose the final question is: Could concordia's deployment of its RP
> be operating a whitelist of OPs?
>  
>  

-- 
____________________________________________________
Eric  Tiffany             |  eric at projectliberty.org
Interop Tech  Lead        |  +1 413-458-3743
Liberty Alliance          |  +1 413-627-1778 mobile

More information about the Community mailing list