From: http://christian.amsuess.com/chrysn Date: Thu, 27 Jan 2011 16:22:15 +0000 (+0000) Subject: what about managing creditentials in ikiwiki itself? X-Git-Tag: 3.20110225~101 X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/4f412100be4679ea984453c8d7a2bc910ee4877f?hp=531f2dbaa734fc1baec17d0bf10d583da70fc376 what about managing creditentials in ikiwiki itself? --- diff --git a/doc/todo/creditentials_page.mdwn b/doc/todo/creditentials_page.mdwn new file mode 100644 index 000000000..8c6ee4500 --- /dev/null +++ b/doc/todo/creditentials_page.mdwn @@ -0,0 +1,9 @@ +pushing [[this|todo/httpauth feature parity with passwordauth]] further: would it make sense for users to have a `$USER/creditentials` page that is by default locked to the user and admins, where the user can state one or more of the below? + +* OpenID +* ssh public key (would require an additional mechanism for writing this to a `authorized_keys` file with appropriate environment variables or prefix that makes sure the commit is checked against the right user and that the user names agree) +* gpg public key (once there is a mechanism that relies on gpg for authentication)) +* https certificate hash (don't know details; afair the creation of such certificates is typically initiated server-side) +* password hash (this is generally considered a valuable secret; is this still true with good hashes and proper salting?) + +such a page could have a form as described in [[todo/structured page data]] and could even serve as a way of managing users. --[[chrysn]]