Web www-dev.softwarecollections.org www.softwarecollections.org use FAS openid. It would be nice if we can put them on whitelist, so users do not need to Approve/Reject each login.
I can add it to fas-openid.cfg.erb in puppet.git myself. I'm just not sure what is our level of "trust to others" and if this is OK.
So please just some senior from infra team add here just "do it" or "no please" and I will act accordingly.
I think we decided that we would only ever whitelist sites that we (fedora infrastructure) directly ran and controlled. :(
But I could be missing something... we should ask Patrick and Toshio at least...
We only add websites we (Fedora Infrastructure) maintain to this list.
This feature was put in because it wouldn't make sense to ask for permission to send data to the same set of servers that it already came from.
Also, if we were to add external websites, we would need to judge their privacy policy etc.
Also, people might start complaining that we added site X but not their site, maybe causing us "political" issues later on the road.
As a result, we decided NOT to add external websites.
Fair enough. Thanks for comments.
Login to comment on this ticket.