Tuesday, 24th June 2008
The point of “Open” in OpenID
TechCrunch report that Microsoft are accepting OpenID for their new HealthVault site, but with a catch: you can only use OpenIDs from two providers: Trustbearer (who offer two-factor authentication using a hardware token) and Verisign. "Whatever happened to the Open in OpenID?", asks TechCrunch’s Jason Kincaid.
[... 451 words]Tailor. “Tailor is a tool to migrate or replicate changesets between ArX, Bazaar, Bazaar-NG, CVS, Codeville, Darcs, Git, Mercurial, Monotone, Subversion and Tla repositories.”—written in Python.
The basics of creating a tumblelog with Django (via) Ryan Berg suggests having a StreamItem model that links uses a GenericForeignKey to link to other content types, then using signals to cause a StreamItem to be created for every other model type. I should switch to doing that on this blog: at the moment I have to query three separate tables to build the tumblelog part which results in messy code for ordering and pagination.
Django snippets: Command to dump data as a python script. Extremely useful—dumps the data for an application as an executable Python script which will re-import it in to another database without any risk of colliding with existing IDs, sorting out foreign keys along the way.
Oxford Geek Night 7: 25 June 2008. I won’t be able to make this one, but a reminder for anyone in the area that the seventh Oxford Geek Night takes place tomorrow night at the Jericho Tavern.
mod_rpaf for Apache. A more secure alternative to Django’s equivalent middleware: sets the REMOTE_ADDR of incoming requests from whitelisted load balancers to the X-Forwarded-For header, without any risk that if the load balancers are missing attackers could abuse it to spoof their IP addresses.
OpenID is a new and maturing technology, and HealthVault is frankly the most sensitive relying party in the OpenID ecosystem. It just makes sense for us to take our first steps carefully.