Chris has an epic in the mw-core backlog tracking OAuth fixes that we
could focus on instead of SOA Auth.
https://phabricator.wikimedia.org/T86869
There are a few things that are compelling about considering a shift
of focus to this for me:
* We already have a list of things to work on!
* Erik is *really* interested in improving OAuth
* We started this project and know that there are things we'd like to polish up
* This has a more visible impact than core code cleanup
* We can probably come up with metrics to go along with it
The down sides:
* Authn/z will need work eventually
* We need to keep working on SOA Auth RfC either way
Thoughts? I'd be happy to have a conference call with the current team
and anyone else who is interested to discuss this if it seems like
that would be more efficient.
Bryan
--
Bryan Davis Wikimedia Foundation <bd808(a)wikimedia.org>
[[m:User:BDavis_(WMF)]] Sr Software Engineer Boise, ID USA
irc: bd808 v:415.839.6885 x6855