Re: Using postgresql.org account as an auth id on third partywebsites
| От | Álvaro Hernández |
|---|---|
| Тема | Re: Using postgresql.org account as an auth id on third partywebsites |
| Дата | |
| Msg-id | 1ff2a24e-2421-2cc7-b7a1-aff6a64e2faf@ongres.com обсуждение исходный текст |
| Ответ на | Re: Using postgresql.org account as an auth id on third partywebsites (Stephen Frost <sfrost@snowman.net>) |
| Список | pgsql-www |
On 18/9/19 9:20, Stephen Frost wrote: > Greetings, > > * Álvaro Hernández (aht@ongres.com) wrote: >> On 18/9/19 9:08, Stephen Frost wrote: >>> I'd also point out that those other organizations are recognized >>> Community Non-Profits, and/or running Community recognized conferences. >>> That isn't an explicit 'policy' about what we run on pginfra or what >>> pginfra manages or is willing to tie things into, just to be clear, but >>> I do think it provides a good set of examples. >> If there isn't such a policy, TBQH I don't think this is an example of >> anything. And if there would be a policy, I believe that being a Community >> Non-Profit and/or running a Community conference should not be requisites >> for being able to use postgresql.org login. Why should they be related at >> all? If anything, this is about providing *conveniency* for PostgreSQL users >> to log into third party services without having to depend on other third >> party authentication providers which whom those users may feel less >> comfortable. > I addressed this- having that tie-in is a de-facto endorsement of it. I see this more of a problem than a benefit, specially in the face of GDPR, but also as a general principle. There are several entities at play, there should be clear boundaries established. > >> FWIW I also organize a Community Recognized Conference >> (https://pgibz.io). > Great! Perhaps if it was hosted on pginfra then we could have it > included as part of the auth system. That would be very cool. What do we need to do? > >> Good, I'm all ears. But I'm still surprised that technical bits are not >> required for PostgreSQL EU / US, they are separate entities and those bits >> (at least from a legal perspective) should apply equally. > The technical bits are around who manages the systems, not around what > the organizations are. If you'd like us to host postgresqlco.nf, that'd > be a seperate discussion. I believe postgresqlco.nf is not a good fit for this use case, but thanks :) Still, I want to understand: a) why having intertwined systems is a good and not a bad thing b) why this cannot be opened to any other third party (policy) and what is (technically) limiting it Regards, Álvaro -- Alvaro Hernandez ----------- OnGres
В списке pgsql-www по дате отправления: