[Catalog-sig] Fwd: Re: New pythonpackages.com service coming soon

[Alex Clark]

Hi Martin,

On 1/23/12 5:30 PM, "Martin v. Löwis" wrote:
>> OAuth would be a most welcome addition!
>
> Can you please flesh out a specification?
>
> I'd be hesitant to add it without a *clear* commitment to using it.
>
> We added OpenID support primarily to support pythonpackages.com,
> only to find out that it now uses github accounts :-( I'd be angry
> to learn that I implemented yet another feature which is then not
> going to be used.

OpenID is still on the table, so I don't want you to get the impression 
that we're jumping ship for OAuth. That said, I apologize about leaving 
you hanging there; it was certainly not my intention (and I was unaware 
until now that OpenId support was added for pythonpackages.com… unless 
maybe you are confusing it with opencomparison.org?).

In any event, yes, I can put together a specification. Things should be 
easier to discuss now that I have announced the details. Let me do this:

- Between now and March, I'll implement OpenId support on 
pythonpackages.com.

- That support will, initially, only be used to verify that someone with 
a Github account who has already signed in owns a particular package on 
PyPI. As that is clumsy even to describe, I suspect it will only be a 
stepping stone to a better approach (but I think it gets me what I want, 
which is to publish packages that have shared the maintainer role with 
`pythonpackages`. I certainly don't want any pythonpackages.com user to 
be able to publish any package on PyPI that has done the same.)


Alex



>
> Regards,
> Martin


-- 
Alex Clark · http://pythonpackages.com