MusicBrainz Summit/11/Session Notes: Difference between revisions

Revision as of 00:14, 15 October 2011

Please add yourself if you attended.

Goals

Questions

Discussed proposals

Implement OpenID
Using digest authentication (still requires storing and transferring the clear text password)
Using SSL (requires updating web service libraries)
Using a separate LDAP server (password no longer in MB database and stored elsewhere, also allows for possible single sign on integration)

Conclusion: Use LDAP and phase in SSL to increase password security. Bonus: LDAP makes single sign on possible.

@@ Line 15: / Line 15: @@
 # reosarevok was nearly dissed
 === Friday (Oct 14) ===
-# jdamcd.... and everyone else arrived
+* jdamcd.... and everyone else arrived
-# Pushed weekly release
+* Pushed hotfix for weekly release
-# Pushed hotfix for weekly release
+====Single sign on & password security====
+Goals
+* Not storing plaintext passwords
+* Not having knowable (i.e. reversible) passwords
+* Not transmitting passwords in the clear
+* Single sign on
+Questions
+* What specific password issues are we trying to solve?
+Discussed proposals
+* Implement OpenID
+* Using digest authentication (still requires storing and transferring the clear text password)
+* Using SSL (requires updating web service libraries)
+* Using a separate LDAP server (password no longer in MB database and stored elsewhere, also allows for possible single sign on integration)
+'''Conclusion:''' Use LDAP and phase in SSL to increase password security. Bonus: LDAP makes single sign on possible.