Hello, all. Short summary: I'm working on creating an OpenID provider service using Gentoo LDAP. It will provide a common login service for Gentoo developers to Gentoo sites and other OpenID-aware sites (e.g. bug trackers, blogs). Source code: https://github.com/mgorny/identity.gentoo.org Week #6 ======= Status: a little behind schedule This week I was focusing on the issues related to SSL certificate authentication. For this reason, I have gathered more information on the topic, set up a testing SSL/UWSGI nginx instance, created a client certificate and did some testing wrt server and browser behavior. As a result, I've written a small blog post on the topic of implementing certificate auth in okupy [1] and contacted robbat2 to discuss the details. My ideas have proved to be problematic with the way Gentoo operates its certificates, therefore I will need to discuss a better solutions. Plans for next week: - work on cleaning up and implementing more fields in django-ldapdb, and -- as a result -- bringing more SReg/AX fields. - support more AX namespaces/providers. - continue the work on SSL support. -- Best regards, Michał Górny