From: Joey Hess Date: Thu, 14 May 2015 14:46:59 +0000 (-0400) Subject: Merge branch 'master' of ssh://git.ikiwiki.info X-Git-Tag: 3.20150610~65 X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/804144402bd6b3b52b3e38aff7cc0812ac1ba0c8?hp=-c Merge branch 'master' of ssh://git.ikiwiki.info --- 804144402bd6b3b52b3e38aff7cc0812ac1ba0c8 diff --combined doc/todo/emailauth.mdwn index 88096bee1,4cf2e48e5..357a4ad9b --- a/doc/todo/emailauth.mdwn +++ b/doc/todo/emailauth.mdwn @@@ -62,7 -62,7 +62,7 @@@ Implementation notes Otherwise, someone could use passwordauth to register as a username that looks like an email address, which would be confusing to possibly a security hole. Probably best to keep passwordauth and emailauth accounts - entirely distinct. + entirely distinct. Update: passwordauth never allowed `@` in usernames. * Currently, subscription to comments w/o registering is handled by passwordauth, by creating a passwordless account (making up a username, not using the email address as the username thankfully). That account can be @@@ -112,3 -112,23 +112,23 @@@ Thoughts anyone? --[[Joey] >> >> Of course, spammers can troll git repos for emails anyway, so maybe >> this is fine. --[[Joey]] + + >>> I'm not so sure this is OK: user expectations for "a random wiki/blog" + >>> are not the same as for direct git contributions. Common practice for + >>> websites is for email addresses to be only available to the site owner + >>> and/or outsourced services - if ikiwiki doesn't work like this, + >>> I think wiki contributors/blog commenters are going to blame ikiwiki, + >>> not themselves. + >>> + >>> One way to avoid this would be to + >>> [[separate authentication from authorization]], so our account names + >>> would be smcv and joey even on a purely emailauth wiki, with the + >>> fact that we authenticate via email being an implementation detail. + >>> + >>> Another way to do it would be to hash the email address, + >>> so the commit appears to come from + >>> `smcv ` instead of + >>> from `smcv ` - if the hash is of `mailto:whatever` + >>> (like my example one) then it's compatible with + >>> [FOAF](http://xmlns.com/foaf/spec/#term_mbox_sha1sum). + >>> --[[smcv]]