Simon Willison’s Weblog

Subscribe

Tuesday, 24th June 2008

The point of “Open” in OpenID

TechCrunch report that Microsoft are accepting OpenID for their new HealthVault site, but with a catch: you can only use OpenIDs from two providers: Trustbearer (who offer two-factor authentication using a hardware token) and Verisign. "Whatever happened to the Open in OpenID?", asks TechCrunch’s Jason Kincaid.

[... 451 words]

Tailor. “Tailor is a tool to migrate or replicate changesets between ArX, Bazaar, Bazaar-NG, CVS, Codeville, Darcs, Git, Mercurial, Monotone, Subversion and Tla repositories.”—written in Python.

# 9:59 am / bazaar, codeville, cvs, darcs, dvcs, git, mercurial, monotone, python, subversion, tailor, tla, versioncontrol

The basics of creating a tumblelog with Django (via) Ryan Berg suggests having a StreamItem model that links uses a GenericForeignKey to link to other content types, then using signals to cause a StreamItem to be created for every other model type. I should switch to doing that on this blog: at the moment I have to query three separate tables to build the tumblelog part which results in messy code for ordering and pagination.

# 11:09 am / contenttypes, django, genericforeignkey, python, ryan-berg, tumblelog

Django snippets: Command to dump data as a python script. Extremely useful—dumps the data for an application as an executable Python script which will re-import it in to another database without any risk of colliding with existing IDs, sorting out foreign keys along the way.

# 12:07 pm / django, django-snippets, import, python

Oxford Geek Night 7: 25 June 2008. I won’t be able to make this one, but a reminder for anyone in the area that the seventh Oxford Geek Night takes place tomorrow night at the Jericho Tavern.

# 2:55 pm / events, oxford, oxford-geek-nights

mod_rpaf for Apache. A more secure alternative to Django’s equivalent middleware: sets the REMOTE_ADDR of incoming requests from whitelisted load balancers to the X-Forwarded-For header, without any risk that if the load balancers are missing attackers could abuse it to spoof their IP addresses.

# 5:02 pm / apache, django, http, load-balancing, middleware, modrpaf, rpaf, security, xforwardedfor

OpenID is a new and maturing technology, and HealthVault is frankly the most sensitive relying party in the OpenID ecosystem. It just makes sense for us to take our first steps carefully.

Sean Nolan

# 6:29 pm / healthvault, openid, seannolan, security

2008 » June

MTWTFSS
      1
2345678
9101112131415
16171819202122
23242526272829
30