Thanks, I've created https://secure.phabricator.com/T1930.
Until that is resolved I'll create accounts for anybody who doesn't want
to
use OAuth - just shoot me a mail.
Cheers,
/Manuel
On Fri, Oct 19, 2012 at 12:03 AM, Owen Anderson <resistor at mac.com>
wrote:
> Manuel,
>
> On Oct 18, 2012, at 2:45 PM, Manuel Klimek <klimek at google.com>
wrote:
>
> I hear you, but I'd be interested in why OAuth is a problem for you -
as I
> said, if we have good arguments, the phab guys are really quick to come up
> with changes. I'm not deeply familiar with authentication schemes.
>
>
> I know you've already resolved the issue for me with a manually created
> account, but to reiterate my reasons from that earlier conversation:
>
> For me, the concerns are much more about privacy than about security.
I'm
> not really bothered by the idea of my Phabricator account being
> compromised, and I will use one-off credentials to ensure that a compromise
> of it will not impact other accounts that I care about more.
>
> What* does* bother me is the loss of privacy implied by sharing a login
> system between Phabricator and any of the various OAuth providers. I'm
not
> interested in having my identity shared across systems, particularly when
> some of those systems are built for and funded by correlating as much of
> that identity information as possible and using it for advertising. From
> this perspective, using a Github OAuth is the *least bad* alternative, but
> it's still not a direction that I want to encourage.
>
> --Owen
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.llvm.org/pipermail/llvm-dev/attachments/20121019/a4a69168/attachment.html>