Re: [Demexp-dev] logins and account creation.

[luna]

On Le Saturday 07 October 2006, à 13:05:31, Augustin wrote:
> On Saturday 16 September 2006 07:14 pm, David wrote:
> >  2. The demexp server and Drupal logins should be unified: the same
> >     login name and password should be used for both the Drupal login on
> >     the web site and the vote on demexp server;
> 
> This is a definite No!
> I will detail below but there are many reasons why not.
> There are technical reasons (with Drupal core).
> There are privacy/useability reasons. 
> There are inclusiveness/openness reasons for users.
> There are flexibility reasons for organizations who'd want to use this 
> module, 
> too.

Just to say here I fully agree with Augustin. And I agree with all the
arguments he gives. In my opinion demexp account, login and password
must be independant of any other things, computer account which
the client is on, web-clients and so-on.

> Why are you  so worried about who gets access to the root directory of the 
> web 
> server?

Just for clarity, we do not speak about root directory but about root
account, i.e. power to read and wrtie every bit on the memory and the
hard drive of the server. Such an account should not exists for the
demexp server but we have to do with actual technology.

> How does the demexp server store the data? In a data base? On file?
> If I understand the technology well, each transaction is recorded (on file) 
> and associated to the demexp account. So, the person who has access to the 
> ballots and all other information related to the questions, knows the real 
> identity of the people who submitted this information. 

Yes, the point is here. The person with root access knows (or can know)
all those informations. So we want to restrict the number of such
persons. That's why their are worries about who have root access.

> From the security and privacy point of view, an anonymous hash would have 
> been 
> much better. 

Interesting idea. Should be explored.


François