|

»

Eclipse Technology

»

»

Draft Agenda for Higgins Developers call on Thursday, October 22 at Noon EDT

View: New views

8 Messages — Rating Filter: Alert me

	Draft Agenda for Higgins Developers call on Thursday, October 22 at Noon EDT by Paul Trevithick-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Draft Agenda for Higgins Developers call on Thursday, October 22 at Noon EDT LOGISTICS: Time: noon Eastern (16:00 UTC) U.S. Dial-in: 1-201-793-9022 passcode 7990866# 1) [Mary] “ABOUT THIS PROJECT” CLEANUP [1] The description in the project summary [1] has been updated to align with the home page Other project summary(about) page links have been updated where possible, and some committers marked as active. 2) [Paul, Alexander] AUTHENTICATION SERVICE [2] Design review 3) [Paul, SergeyL] ATTRIBUTE SERVICE Design review [1] http://www.eclipse.org/projects/project_summary.php?projectid=technology.higgins [2] http://wiki.eclipse.org/Authentication_Service_1.1 [3] http://wiki.eclipse.org/Attribute_Service_1.1 _______________________________________________ higgins-dev mailing list higgins-dev@... https://dev.eclipse.org/mailman/listinfo/higgins-dev
	UI Mockups for Authentication Service 1.1 by Tom Carroll-7 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Some parts of this message have been removed. Learn more about Nabble's security policy. Draft Agenda for Higgins Developers call on Thursday, October 22 at Noon EDT Check ‘em out: http://wiki.eclipse.org/Authentication_Service_1.1_UI _______________________________________________ higgins-dev mailing list higgins-dev@... https://dev.eclipse.org/mailman/listinfo/higgins-dev
	Re: UI Mockups for Authentication Service 1.1 by Alexander Yuhimenko :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Thanks Tom, But i think we have to use captcha with case #1 for "Check Availability" and "Confirm Email & Continue". Email is only one of possible ways (channel) to obtain one-time authentication code, but i couldn't find UI for using sms or something else. I believe we don't have to store passphrase on server, do we? -- thanks, Alexander Yuhimenko On Sat, 24 Oct 2009 17:11:18 -0700 Tom Carroll <TCarroll@...> wrote: > Check 'em out: > > http://wiki.eclipse.org/Authentication_Service_1.1_UI > > _______________________________________________ higgins-dev mailing list higgins-dev@... https://dev.eclipse.org/mailman/listinfo/higgins-dev
	Re: UI Mockups for Authentication Service 1.1 by Paul Trevithick-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Re: [higgins-dev] UI Mockups for Authentication Service 1.1 Hi Tom, I created this top-level solution page: http://wiki.eclipse.org/Qt_Selector_1.1-Win which has a link to: http://wiki.eclipse.org/Qt_Selector_1.1_UI which has a link to your new page (renamed): http://wiki.eclipse.org/Qt_Selector_Account_UI --Paul On 10/24/09 8:11 PM, "Tom Carroll" <tcarroll@...> wrote: Check ‘em out: http://wiki.eclipse.org/Authentication_Service_1.1_UI _______________________________________________ higgins-dev mailing list higgins-dev@... https://dev.eclipse.org/mailman/listinfo/higgins-dev
	Re: UI Mockups for Authentication Service 1.1 by Paul Trevithick-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Re: [higgins-dev] UI Mockups for Authentication Service 1.1 Absolutely not. This passphrase is something that only the user knows and it never moves to the server. In that way even having access to the server is insufficient to gain access to the user’s data. On 10/26/09 8:57 AM, "Alexander Yuhimenko" <AYuhimenko@...> wrote: I believe we don't have to store passphrase on server, do we? _______________________________________________ higgins-dev mailing list higgins-dev@... https://dev.eclipse.org/mailman/listinfo/higgins-dev
	RE: UI Mockups for Authentication Service 1.1 by Tom Carroll-7 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message >> But i think we have to use captcha with case #1 for "Check Availability" and "Confirm Email & Continue". Do we need to protect the "Check Availability" with a CAPTCHA, or just the "Confirm & Continue" transaction? If the former, then I think we need to break out CAPTCHA/Check Available into its own page. If the latter, then maybe we put it all into the one page. -----Original Message----- From: higgins-dev-bounces@... [mailto:higgins-dev-bounces@...] On Behalf Of Alexander Yuhimenko Sent: Monday, October 26, 2009 8:57 AM To: Higgins (Trust Framework) Project developer discussions Subject: Re: [higgins-dev] UI Mockups for Authentication Service 1.1 Thanks Tom, But i think we have to use captcha with case #1 for "Check Availability" and "Confirm Email & Continue". Email is only one of possible ways (channel) to obtain one-time authentication code, but i couldn't find UI for using sms or something else. I believe we don't have to store passphrase on server, do we? -- thanks, Alexander Yuhimenko ... _______________________________________________ higgins-dev mailing list higgins-dev@... https://dev.eclipse.org/mailman/listinfo/higgins-dev
	Re: UI Mockups for Authentication Service 1.1 by Alexander Yuhimenko :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hello, On Tue, 27 Oct 2009 05:43:36 -0700 Tom Carroll <TCarroll@...> wrote: > >> But i think we have to use captcha with case #1 for "Check Availability" and "Confirm Email & Continue". > > Do we need to protect the "Check Availability" with a CAPTCHA, or just the "Confirm & Continue" transaction? If the former, then I think we need to break out CAPTCHA/Check Available into its own page. If the latter, then maybe we put it all into the one page. I'd like to ask captcha for "Check Availability" every time, but it may irritate users. I guess, we may support "Check Availability" without captcha just few first times if server returns http status code 302 (user already exists), for example ask captcha each 3rd request. > > -----Original Message----- > From: higgins-dev-bounces@... [mailto:higgins-dev-bounces@...] On Behalf Of Alexander Yuhimenko > Sent: Monday, October 26, 2009 8:57 AM > To: Higgins (Trust Framework) Project developer discussions > Subject: Re: [higgins-dev] UI Mockups for Authentication Service 1.1 > > Thanks Tom, > > But i think we have to use captcha with case #1 for "Check Availability" and "Confirm Email & Continue". > > Email is only one of possible ways (channel) to obtain one-time authentication code, but i couldn't find UI for using sms or something else. > > I believe we don't have to store passphrase on server, do we? > > -- > thanks, > Alexander Yuhimenko > > ... > _______________________________________________ > higgins-dev mailing list > higgins-dev@... > https://dev.eclipse.org/mailman/listinfo/higgins-dev > -- thanks, Alexander Yuhimenko _______________________________________________ higgins-dev mailing list higgins-dev@... https://dev.eclipse.org/mailman/listinfo/higgins-dev
	RE: UI Mockups for Authentication Service 1.1 by Tom Carroll-7 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message OK, changed mockups to show this approach - no CAPTCHA required for 'check availability' unless max_tries has been exceeded. http://wiki.eclipse.org/Qt_Selector_Account_UI -----Original Message----- From: Alexander Yuhimenko [mailto:AYuhimenko@...] Sent: Tuesday, October 27, 2009 9:07 AM To: Higgins (Trust Framework) Project developer discussions Cc: Tom Carroll Subject: Re: [higgins-dev] UI Mockups for Authentication Service 1.1 Hello, On Tue, 27 Oct 2009 05:43:36 -0700 Tom Carroll <TCarroll@...> wrote: > >> But i think we have to use captcha with case #1 for "Check Availability" and "Confirm Email & Continue". > > Do we need to protect the "Check Availability" with a CAPTCHA, or just the "Confirm & Continue" transaction? If the former, then I think we need to break out CAPTCHA/Check Available into its own page. If the latter, then maybe we put it all into the one page. I'd like to ask captcha for "Check Availability" every time, but it may irritate users. I guess, we may support "Check Availability" without captcha just few first times if server returns http status code 302 (user already exists), for example ask captcha each 3rd request. > > -----Original Message----- > From: higgins-dev-bounces@... [mailto:higgins-dev-bounces@...] On Behalf Of Alexander Yuhimenko > Sent: Monday, October 26, 2009 8:57 AM > To: Higgins (Trust Framework) Project developer discussions > Subject: Re: [higgins-dev] UI Mockups for Authentication Service 1.1 > > Thanks Tom, > > But i think we have to use captcha with case #1 for "Check Availability" and "Confirm Email & Continue". > > Email is only one of possible ways (channel) to obtain one-time authentication code, but i couldn't find UI for using sms or something else. > > I believe we don't have to store passphrase on server, do we? > > -- > thanks, > Alexander Yuhimenko > > ... > _______________________________________________ > higgins-dev mailing list > higgins-dev@... > https://dev.eclipse.org/mailman/listinfo/higgins-dev > -- thanks, Alexander Yuhimenko _______________________________________________ higgins-dev mailing list higgins-dev@... https://dev.eclipse.org/mailman/listinfo/higgins-dev