|It has been suggested that this page be merged with Proposal:Implement OAuth for MediaWiki (and employ in Wikimedia). (Discuss)|
Wikipedia's present reach is limited by its monolithic, all-inclusive and exclusionary design. For example: wikipedia as a "web service" can never reach offline users. In the context of authentication, the present design indicates an inherent lack of trust in the provably secure available authentication technologies available today, and thus keeps wikipedia tethered to the "real-time", "internet-only" web site paradigm. To move forward, wikipedia must embrace open authentication standards and authentication schemes that do not rely on users having "real-time" internet access, or any internet access at all.
- Wikipedia to adopt an authentication API which has a pluggable architecture (one which can accept both "direct" authentication as well as "challenge-response" authentication). The Win32 "Security" API may provide valuable insights.
- Proposals such as those listed under http://strategy.wikimedia.org/wiki/Category:Proposals_for_new_authentication_features be accepted as plugins
- Authentication schemes hinted at or explicitly described in Proposal:Distributed_Wikipedia be either implemented or adapted, and accepted as plugins.
If the "offline" strategic goals of wikipedia are to be met - at all - wikipedia must adopt alternative authentication schemes. period.
- How is anyone supposed to implement a peer-to-peer service that people can trust, when the present system will force the username and clear-text password to be sent across arbitrary peer-to-peer networks?
- Why, in the year 2009, are users of wikipedia being forced to type in a separate password and username, when schemes such as openid have been in existence for a considerable time, and when openid is being adopted wholesale by social networking sites, popular email systems and free software development sites?
- small amount of design work by security specialist(s)
- small amount of developer time
- large amount of auditing by security specialist(s).
Do you have a thought about this proposal? A suggestion? Discuss this proposal by going to Proposal talk:Extend Wikipedia to include external authentication.
Want to work on this proposal?
- .. Sign your name here!