Re: Using postgresql.org account as an auth id on third partywebsites

Поиск
Список
Период
Сортировка
От Álvaro Hernández
Тема Re: Using postgresql.org account as an auth id on third partywebsites
Дата
Msg-id 1ff2a24e-2421-2cc7-b7a1-aff6a64e2faf@ongres.com
обсуждение исходный текст
Ответ на Re: Using postgresql.org account as an auth id on third partywebsites  (Stephen Frost <sfrost@snowman.net>)
Список pgsql-www
Дерево обсуждения 

On 18/9/19 9:20, Stephen Frost wrote:
> Greetings,
>
> * Álvaro Hernández (aht@ongres.com) wrote:
>> On 18/9/19 9:08, Stephen Frost wrote:
>>> I'd also point out that those other organizations are recognized
>>> Community Non-Profits, and/or running Community recognized conferences.
>>> That isn't an explicit 'policy' about what we run on pginfra or what
>>> pginfra manages or is willing to tie things into, just to be clear, but
>>> I do think it provides a good set of examples.
>>      If there isn't such a policy, TBQH I don't think this is an example of
>> anything. And if there would be a policy, I believe that being a Community
>> Non-Profit and/or running a Community conference should not be requisites
>> for being able to use postgresql.org login. Why should they be related at
>> all? If anything, this is about providing *conveniency* for PostgreSQL users
>> to log into third party services without having to depend on other third
>> party authentication providers which whom those users may feel less
>> comfortable.
> I addressed this- having that tie-in is a de-facto endorsement of it.

     I see this more of a problem than a benefit, specially in the face 
of GDPR, but also as a general principle. There are several entities at 
play, there should be clear boundaries established.

>
>>      FWIW I also organize a Community Recognized Conference
>> (https://pgibz.io).
> Great!  Perhaps if it was hosted on pginfra then we could have it
> included as part of the auth system.

     That would be very cool. What do we need to do?

>
>>      Good, I'm all ears. But I'm still surprised that technical bits are not
>> required for PostgreSQL EU / US, they are separate entities and those bits
>> (at least from a legal perspective) should apply equally.
> The technical bits are around who manages the systems, not around what
> the organizations are.  If you'd like us to host postgresqlco.nf, that'd
> be a seperate discussion.

     I believe postgresqlco.nf is not a good fit for this use case, but 
thanks :) Still, I want to understand:

a) why having intertwined systems is a good and not a bad thing
b) why this cannot be opened to any other third party (policy) and what 
is (technically) limiting it


     Regards,

     Álvaro

-- 

Alvaro Hernandez


-----------
OnGres

В списке pgsql-www по дате отправления:

Предыдущее
От: Álvaro Hernández
Дата:
Сообщение: Re: Using postgresql.org account as an auth id on third partywebsites
Следующее
От: Joe Conway
Дата:
Сообщение: Re: Wiki editor request