Sputnik: sputnik + OpenID job

sputnik + OpenID job
XSSFilter could not parse (X)HTML:


<p>From sputnik-list-bounces@lists.luaforge.net Fri Jan 30 08:55:56 2009
Received: from pop.gmail.com (ag-in-f109.google.com [72.14.247.109])</p>
<pre><code>by localhost (mpop-1.0.11) with POP3
for <yuri>; Fri, 30 Jan 2009 08:55:56 +0000
</code></pre>
<p>Delivered-To: sputnik.list.archiver@gmail.com
Received: by 10.142.12.9 with SMTP id 9cs369026wfl;</p>
<pre><code>    Sun, 25 Jan 2009 22:36:45 -0800 (PST)
</code></pre>
<p>Received: by 10.100.122.8 with SMTP id u8mr3058909anc.131.1232951804264;</p>
<pre><code>    Sun, 25 Jan 2009 22:36:44 -0800 (PST)
</code></pre>
<p>Return-Path: <a href="mailto:sputnik-list-bounces@lists.luaforge.net">sputnik-list-bounces@lists.luaforge.net</a>
Received: from mail.luaforge.net (www.luaforge.net [147.65.1.201])</p>
<pre><code>    by mx.google.com with ESMTP id c1si21622788ana.40.2009.01.25.22.36.33;
    Sun, 25 Jan 2009 22:36:43 -0800 (PST)
</code></pre>
<p>Received-SPF: pass (google.com: domain of sputnik-list-bounces@lists.luaforge.net designates 147.65.1.201 as permitted sender) client-ip=147.65.1.201;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of sputnik-list-bounces@lists.luaforge.net designates 147.65.1.201 as permitted sender) smtp.mail=sputnik-list-bounces@lists.luaforge.net; dkim=neutral (body hash did not verify) header.i=@gmail.com
Received: from localhost ([127.0.0.1] helo=localhost.localdomain)</p>
<pre><code>by mail.luaforge.net with esmtp (Exim 4.50)
id 1LRMuL-000536-SC; Mon, 26 Jan 2009 06:33:25 -0200
</code></pre>
<p>Received: from rv-out-0506.google.com ([209.85.198.227])</p>
<pre><code>by mail.luaforge.net with esmtp (Exim 4.50) id 1LRMuK-000531-Aq
for sputnik-list@lists.luaforge.net; Mon, 26 Jan 2009 06:33:24 -0200
</code></pre>
<p>Received: by rv-out-0506.google.com with SMTP id k40so5714695rvb.29</p>
<pre><code>for <sputnik-list@lists.luaforge.net>;
Sun, 25 Jan 2009 22:36:24 -0800 (PST)
</code></pre>
<p>DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;</p>
<pre><code>h=domainkey-signature:mime-version:sender:received:date
:x-google-sender-auth:message-id:subject:from:to:content-type
:content-transfer-encoding;
bh=bzELlF3+y8uWE/jvmDAotIVUflQsBz/xmEGDHl/ZLTA=;
b=wxn6Srfa0um9Q2w+DerK4DNs9lna2zIUBisS8nhT3w2Uhq+2+OXvWQHq/cDiVJdHxh
oiJ9VbkA0pzPv9b3CUemNh9Pww0P7EaAGhFqAhJ43+dOTzHyYfuPF2GbfbCHPn8UMSUK
FnSgUEJGtiSmzyy5cVrmDpGSQazDRo0w9IPf4=
</code></pre>
<p>DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;</p>
<pre><code>h=mime-version:sender:date:x-google-sender-auth:message-id:subject
:from:to:content-type:content-transfer-encoding;
b=cHmpkYBXjkPvLhZw0jbVxRcggSt5EZCSOYOC9wzQUGyEkZsW1qBNS7TJZyNUVtxwSq
UXvPZOlb7B6hGgYc85tj2tKdBNzzHH6/0G36OScarUc1a+Kww2EnHzUE3gN30BjPQOZU
avAytGi+Qgxrq0Aawj7YOqQTxeIKwExzygq48=
</code></pre>
<p>MIME-Version: 1.0
Received: by 10.141.177.2 with SMTP id e2mr2626905rvp.136.1232951783736; Sun, </p>
<pre><code>25 Jan 2009 22:36:23 -0800 (PST)
</code></pre>
<p>Date: Sun, 25 Jan 2009 22:36:23 -0800
X-Google-Sender-Auth: e390ab44266def6a
Message-ID: <a href="mailto:fa4efbc00901252236i5f793b3eifea377400865c6e9@mail.gmail.com">fa4efbc00901252236i5f793b3eifea377400865c6e9@mail.gmail.com</a>
From: Yuri Takhteyev <a href="mailto:yuri@sims.berkeley.edu">yuri@sims.berkeley.edu</a>
To: Sputnik <a href="mailto:sputnik-list@lists.luaforge.net">sputnik-list@lists.luaforge.net</a>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [Sputnik-list] sputnik + OpenID job
X-BeenThere: sputnik-list@lists.luaforge.net
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "An all-purpose list for now." <sputnik-list.lists.luaforge.net>
List-Unsubscribe: <a href="http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list">http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</a>,</p>
<pre><code><mailto:sputnik-list-request@lists.luaforge.net?subject=unsubscribe>
</code></pre>
<p>List-Archive: <a href="http://lists.luaforge.net/pipermail/sputnik-list">http://lists.luaforge.net/pipermail/sputnik-list</a>
List-Post: <a href="mailto:sputnik-list@lists.luaforge.net">sputnik-list@lists.luaforge.net</a>
List-Help: <a href="mailto:sputnik-list-request@lists.luaforge.net?subject=help">sputnik-list-request@lists.luaforge.net?subject=help</a>
List-Subscribe: <a href="http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list">http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</a>,</p>
<pre><code><mailto:sputnik-list-request@lists.luaforge.net?subject=subscribe>
</code></pre>
<p>Sender: sputnik-list-bounces@lists.luaforge.net
Errors-To: sputnik-list-bounces@lists.luaforge.net</p>

<p>I've come across what appears to be the world's first publicly
advertised Sputnik job - for integrating Sputnik with OpenID.</p>

<p>http://hephoo.notlong.com</p>

<p>So, first of all, let me welcome the emergence of the global Sputnik
job market. :)</p>

<p>Second, I have no idea who the buyer is and what their project is
about, but perhaps they'll consider donating the code to the project.
OpenID would be a great addition to Sputnik, and I would be happy to
acknowledge the donation, maintain the plugin and help with advice.</p>

<ul>
    <li>yuri</li>
</ul>

<p>-- 
http://spu.tnik.org/</p>

<hr/>
<p>Sputnik-list mailing list
Sputnik-list@lists.luaforge.net
http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</p>


<p>From sputnik-list-bounces@lists.luaforge.net Fri Jan 30 08:55:57 2009
Received: from pop.gmail.com (ag-in-f109.google.com [72.14.247.109])</p>
<pre><code>by localhost (mpop-1.0.11) with POP3
for <yuri>; Fri, 30 Jan 2009 08:55:57 +0000
</code></pre>
<p>Delivered-To: sputnik.list.archiver@gmail.com
Received: by 10.142.12.9 with SMTP id 9cs6872wfl;</p>
<pre><code>    Mon, 26 Jan 2009 17:48:29 -0800 (PST)
</code></pre>
<p>Received: by 10.100.242.20 with SMTP id p20mr7957156anh.75.1233020908217;</p>
<pre><code>    Mon, 26 Jan 2009 17:48:28 -0800 (PST)
</code></pre>
<p>Return-Path: <a href="mailto:sputnik-list-bounces@lists.luaforge.net">sputnik-list-bounces@lists.luaforge.net</a>
Received: from mail.luaforge.net (www.luaforge.net [147.65.1.201])</p>
<pre><code>    by mx.google.com with ESMTP id c1si11999930ana.0.2009.01.26.17.48.17;
    Mon, 26 Jan 2009 17:48:27 -0800 (PST)
</code></pre>
<p>Received-SPF: pass (google.com: domain of sputnik-list-bounces@lists.luaforge.net designates 147.65.1.201 as permitted sender) client-ip=147.65.1.201;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of sputnik-list-bounces@lists.luaforge.net designates 147.65.1.201 as permitted sender) smtp.mail=sputnik-list-bounces@lists.luaforge.net
Received: from localhost ([127.0.0.1] helo=localhost.localdomain)</p>
<pre><code>by mail.luaforge.net with esmtp (Exim 4.50)
id 1LResm-00082V-Cb; Tue, 27 Jan 2009 01:45:00 -0200
</code></pre>
<p>Received: from mu-out-0910.google.com ([209.85.134.189])</p>
<pre><code>by mail.luaforge.net with esmtp (Exim 4.50) id 1LResj-00082Q-Rw
for sputnik-list@lists.luaforge.net; Tue, 27 Jan 2009 01:44:58 -0200
</code></pre>
<p>Received: by mu-out-0910.google.com with SMTP id w1so5979839mue.9</p>
<pre><code>for <sputnik-list@lists.luaforge.net>;
Mon, 26 Jan 2009 17:47:50 -0800 (PST)
</code></pre>
<p>MIME-Version: 1.0
Received: by 10.103.226.10 with SMTP id d10mr344571mur.84.1233020870149; Mon, </p>
<pre><code>26 Jan 2009 17:47:50 -0800 (PST)
</code></pre>
<p>In-Reply-To: <a href="mailto:fa4efbc00901252236i5f793b3eifea377400865c6e9@mail.gmail.com">fa4efbc00901252236i5f793b3eifea377400865c6e9@mail.gmail.com</a>
References: <a href="mailto:fa4efbc00901252236i5f793b3eifea377400865c6e9@mail.gmail.com">fa4efbc00901252236i5f793b3eifea377400865c6e9@mail.gmail.com</a>
Date: Mon, 26 Jan 2009 20:47:50 -0500
Message-ID: <a href="mailto:bc4ed2190901261747q467b1369u439c79a56318633e@mail.gmail.com">bc4ed2190901261747q467b1369u439c79a56318633e@mail.gmail.com</a>
Subject: Re: [Sputnik-list] sputnik + OpenID job
From: David Manura <a href="mailto:dm.lua@math2.org">dm.lua@math2.org</a>
Cc: Sputnik <a href="mailto:sputnik-list@lists.luaforge.net">sputnik-list@lists.luaforge.net</a>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-BeenThere: sputnik-list@lists.luaforge.net
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "An all-purpose list for now." <sputnik-list.lists.luaforge.net>
List-Unsubscribe: <a href="http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list">http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</a>,</p>
<pre><code><mailto:sputnik-list-request@lists.luaforge.net?subject=unsubscribe>
</code></pre>
<p>List-Archive: <a href="http://lists.luaforge.net/pipermail/sputnik-list">http://lists.luaforge.net/pipermail/sputnik-list</a>
List-Post: <a href="mailto:sputnik-list@lists.luaforge.net">sputnik-list@lists.luaforge.net</a>
List-Help: <a href="mailto:sputnik-list-request@lists.luaforge.net?subject=help">sputnik-list-request@lists.luaforge.net?subject=help</a>
List-Subscribe: <a href="http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list">http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</a>,</p>
<pre><code><mailto:sputnik-list-request@lists.luaforge.net?subject=subscribe>
</code></pre>
<p>Sender: sputnik-list-bounces@lists.luaforge.net
Errors-To: sputnik-list-bounces@lists.luaforge.net</p>

<p>On Mon, Jan 26, 2009 at 1:36 AM, Yuri Takhteyev wrote:</p>
<blockquote>
    <p>OpenID would be a great addition to Sputnik</p>
</blockquote>

<p>Perhaps.  Still, I think it has some fundamental issues that require caution:</p>

<p> http://self-issued.info/?p=73
 http://webworkerdaily.com/2008/05/21/openid-a-contrarian-view/</p>

<p>E.g. relying on an untrusted site to redirect the user to their master
login page strikes me as regressive.</p>

<hr/>
<p>Sputnik-list mailing list
Sputnik-list@lists.luaforge.net
http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</p>


<p>From sputnik-list-bounces@lists.luaforge.net Fri Jan 30 08:55:57 2009
Received: from pop.gmail.com (ag-in-f109.google.com [72.14.247.109])</p>
<pre><code>by localhost (mpop-1.0.11) with POP3
for <yuri>; Fri, 30 Jan 2009 08:55:57 +0000
</code></pre>
<p>Delivered-To: sputnik.list.archiver@gmail.com
Received: by 10.142.12.9 with SMTP id 9cs14302wfl;</p>
<pre><code>    Mon, 26 Jan 2009 23:40:16 -0800 (PST)
</code></pre>
<p>Received: by 10.100.106.12 with SMTP id e12mr1433544anc.18.1233042003098;</p>
<pre><code>    Mon, 26 Jan 2009 23:40:03 -0800 (PST)
</code></pre>
<p>Return-Path: <a href="mailto:sputnik-list-bounces@lists.luaforge.net">sputnik-list-bounces@lists.luaforge.net</a>
Received: from mail.luaforge.net (www.luaforge.net [147.65.1.201])</p>
<pre><code>    by mx.google.com with ESMTP id d22si12476749and.7.2009.01.26.23.39.51;
    Mon, 26 Jan 2009 23:40:02 -0800 (PST)
</code></pre>
<p>Received-SPF: pass (google.com: domain of sputnik-list-bounces@lists.luaforge.net designates 147.65.1.201 as permitted sender) client-ip=147.65.1.201;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of sputnik-list-bounces@lists.luaforge.net designates 147.65.1.201 as permitted sender) smtp.mail=sputnik-list-bounces@lists.luaforge.net; dkim=neutral (body hash did not verify) header.i=@gmail.com
Received: from localhost ([127.0.0.1] helo=localhost.localdomain)</p>
<pre><code>by mail.luaforge.net with esmtp (Exim 4.50)
id 1LRkN1-0000Ge-FZ; Tue, 27 Jan 2009 07:36:35 -0200
</code></pre>
<p>Received: from rv-out-0506.google.com ([209.85.198.234])</p>
<pre><code>by mail.luaforge.net with esmtp (Exim 4.50) id 1LRkMz-0000GX-Ec
for sputnik-list@lists.luaforge.net; Tue, 27 Jan 2009 07:36:33 -0200
</code></pre>
<p>Received: by rv-out-0506.google.com with SMTP id k40so6248869rvb.29</p>
<pre><code>for <sputnik-list@lists.luaforge.net>;
Mon, 26 Jan 2009 23:39:30 -0800 (PST)
</code></pre>
<p>DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;</p>
<pre><code>h=domainkey-signature:mime-version:sender:received:in-reply-to
:references:date:x-google-sender-auth:message-id:subject:from:to:cc
:content-type:content-transfer-encoding;
bh=Hf8YJZaiBl1ERVWKCGMQFC6/VKCgKcSbtu1Je+jRGGo=;
b=S6xXoNoWAU+Z/e5nUIFujelPwULtVdYYg3jc0fzCbPj5SKbwtwAKffwBAMOMpLwaqK
92BVxlMz9VN5ttBfHnydSE6M1L+JojXn1/eNwxs4+CiK5ZGvBnbT0QbnoVMhRKzgGpU3
Ykfbr/UiqWUY1roXrzxgJNsn6I6DSnjI1Zvc0=
</code></pre>
<p>DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;</p>
<pre><code>h=mime-version:sender:in-reply-to:references:date
:x-google-sender-auth:message-id:subject:from:to:cc:content-type
:content-transfer-encoding;
b=hc5xLvYHCQd5lxntsN24K/IzlUlbg1I3rYHcxFYdPQVtb/Utf7Ggumv/193Z1/zXaI
Om/z02Jgn8knC5I06CGOf60i3Z3I3iBF487C7q128POOYB5UKdWYgasBRE8yyMbOFNqG
25DMtkTfop9GPwZdWv/ej3R3JYVxHrGm2wPo4=
</code></pre>
<p>MIME-Version: 1.0
Received: by 10.141.86.4 with SMTP id o4mr5808881rvl.172.1233041969687; Mon, </p>
<pre><code>26 Jan 2009 23:39:29 -0800 (PST)
</code></pre>
<p>In-Reply-To: <a href="mailto:bc4ed2190901261747q467b1369u439c79a56318633e@mail.gmail.com">bc4ed2190901261747q467b1369u439c79a56318633e@mail.gmail.com</a>
References: <a href="mailto:fa4efbc00901252236i5f793b3eifea377400865c6e9@mail.gmail.com">fa4efbc00901252236i5f793b3eifea377400865c6e9@mail.gmail.com</a></p>
<pre><code><bc4ed2190901261747q467b1369u439c79a56318633e@mail.gmail.com>
</code></pre>
<p>Date: Mon, 26 Jan 2009 23:39:29 -0800
X-Google-Sender-Auth: 77be45a7737ba2bd
Message-ID: <a href="mailto:fa4efbc00901262339h19f78fa2ib3d2edc5aee2f6dd@mail.gmail.com">fa4efbc00901262339h19f78fa2ib3d2edc5aee2f6dd@mail.gmail.com</a>
Subject: Re: [Sputnik-list] sputnik + OpenID job
From: Yuri Takhteyev <a href="mailto:yuri@sims.berkeley.edu">yuri@sims.berkeley.edu</a>
To: David Manura <a href="mailto:dm.lua@math2.org">dm.lua@math2.org</a>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Sputnik <a href="mailto:sputnik-list@lists.luaforge.net">sputnik-list@lists.luaforge.net</a>
X-BeenThere: sputnik-list@lists.luaforge.net
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "An all-purpose list for now." <sputnik-list.lists.luaforge.net>
List-Unsubscribe: <a href="http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list">http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</a>,</p>
<pre><code><mailto:sputnik-list-request@lists.luaforge.net?subject=unsubscribe>
</code></pre>
<p>List-Archive: <a href="http://lists.luaforge.net/pipermail/sputnik-list">http://lists.luaforge.net/pipermail/sputnik-list</a>
List-Post: <a href="mailto:sputnik-list@lists.luaforge.net">sputnik-list@lists.luaforge.net</a>
List-Help: <a href="mailto:sputnik-list-request@lists.luaforge.net?subject=help">sputnik-list-request@lists.luaforge.net?subject=help</a>
List-Subscribe: <a href="http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list">http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</a>,</p>
<pre><code><mailto:sputnik-list-request@lists.luaforge.net?subject=subscribe>
</code></pre>
<p>Sender: sputnik-list-bounces@lists.luaforge.net
Errors-To: sputnik-list-bounces@lists.luaforge.net</p>

<blockquote>
    <p>E.g. relying on an untrusted site to redirect the user to their master
    login page strikes me as regressive.</p>
</blockquote>

<p>True. If someone decided to use Sputnik to implement a web interface
for a bank, I would probably advise them against using OpenID. :)
Doing OpenID authentication for non-admin access to a wiki, however,
probably wouldn't keep me up at night.</p>

<p>Also, the security of OpenID depends on the steps the provider takes
to prevent phishing. Some providers are better than others. There are
now OpenID providers that use customized image (Yahoo!), hardware
tokens (Verisign), or browser certificates (certifi.ca). Some can be
configured to call your cell phone as a part of the login
(myopenid.com). If the consumer can be configured to only accept
logins from trusted providers, then OpenID could be <em>more</em> secure than
most site's authentication.</p>

<ul>
    <li>yuri</li>
</ul>

<p>-- 
http://spu.tnik.org/</p>

<hr/>
<p>Sputnik-list mailing list
Sputnik-list@lists.luaforge.net
http://lists.luaforge.net/cgi-bin/mailman/listinfo/sputnik-list</p>