Re: New Fedora openid provider (fas-openid) in service

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed 01 May 2013 11:15:30 AM EDT, Till Maas wrote:
> Hi,
> 
> On Tue, Mar 05, 2013 at 05:19:50PM -0700, Kevin Fenzi wrote:
> 
>> More information is available at:
>> 
>> https://fedoraproject.org/wiki/OpenID
> 
> I hope that nobody used that until now, otherwise I am disappointed
> that nobody noticed before me that Firefox does not properly
> validate https://id.fedoraproject.org/
> 
> saying "your connection to the site is only partially encrypted and
> does not prevent eavesdropping". I assume the problem is this entry
> from the CSS file:
> 
> @import
> url(http://fonts.googleapis.com/css?family=Cantarell:400,700);
> 
> And this opens the question why a central Fedora service is using
> third party, probably non-FOSS services leading only to less
> security.
> 
> Regards Till

This has been noticed and fixed. It should be going into production
soon (it's in staging now).

https://github.com/fedora-infra/fas-openid/issues/14
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlGBW3AACgkQeiVVYja6o6ObMQCePql1z8zLXGdfagt/MlJdJupN
24sAn1vjuOaXiaAe7vKmgUF0fv6BfajN
=Vl6K
-----END PGP SIGNATURE-----
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux