On Mon, 18 Oct 2010, Maxim Burgerhout wrote:
> At Mike's request, I did a wiki page about using and customizing a
> Yubikey with Fedora. It's located here [1].
>
> Also, with regard to using FAS as an OpenID provider, I went over the
> tests at the OpenID discussion page [2], and there seems to have been
> some progress since the last time it was updated. I find that most of
> the pages listed on there now actually work. I also checked some of
> the more high-profile websites using OpenID out there (like Slashdot,
> Gitorious, Bitbucket and Identi.ca) and they all work too. I added
> them to the list.
>
> There still are some websites that do not work with FAS (Hackernews,
> wikitravel) that do work with other OpenID providers, but the majority
> is ok.
>
> Maybe those remaining broken websites are more to blame than FAS itself?
>
It could be but I'd be more inclined to blame FAS mostly because I know
it's not as fully tested as it could be. It turns out the auth portion of
OpenID is complex compared to the other auth we do. It'd be nice for
someone to give it all a good look over.
-Mike
> [1] https://fedoraproject.org/wiki/Using_Yubikeys_with_Fedora
> [2] https://fedoraproject.org/wiki/Talk:OpenID
>
> Maxim Burgerhout
> maxim@xxxxxxxxx
> ----------------
> GPG Fingerprint
> EB11 5E56 E648 9D99 E8EF 05FB C513 6FD4 1302 B48A
>
>
>
> On Fri, Oct 8, 2010 at 18:14, Toshio Kuratomi <a.badger@xxxxxxxxx> wrote:
> > On Fri, Oct 08, 2010 at 11:47:43AM +0200, Maxim Burgerhout wrote:
> >>
> >> If there is anything I can do to help out and make the use of
> >> Yubikey's in the Fedora project into a success, just holler. It might
> >> be interesting to add a README.Fedora to the ykpers package explaining
> >> how to configure it for both Fedora and Yubico's servers like on the
> >> page Toshio linked to. I'll look into that later.
> >>
> > That would be excellent. having the command line arguments for
> > ykpersonalize and instructions/examples on how to construct the key, fixed
> > string and uid string are what's needed. The hex <=> modhex portion threw
> > me off for a while as did the length of the strings and I think there might
> > be a third nonintuitive thing that I never was completely clear on (some
> > modhex strings didn't seem to be valid for the fixed field).
> >
> > -Toshio
> >
> > _______________________________________________
> > infrastructure mailing list
> > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> > https://admin.fedoraproject.org/mailman/listinfo/infrastructure
> >
> _______________________________________________
> infrastructure mailing list
> infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
>
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure