
[return to "GitHub is now free for teams"]
1. natfri+V2[view] [source] 2020-04-14 16:19:39
>>ig0r0+(OP)
Hi HN, I'm the CEO of GitHub. Everyone at GitHub is really excited about this announcement, and I'm happy to answer any questions.

We've wanted to make this change for the last 18 months, but needed our Enterprise business to be big enough to enable the free use of GitHub by the rest of the world. I'm happy to say that it's grown dramatically in the last year, and so we're able to make GitHub free for teams that don't need Enterprise features.

We also retained our Team pricing plan for people who need email support (and a couple of other features like code owners).

In general we think that every developer on earth should be able to use GitHub for their work, and so it is great to remove price as a barrier.

◧◩
2. thramp+Q3[view] [source] 2020-04-14 16:23:52
>>natfri+V2
This is a great change! One request: I wish that SAML was not an enterprise feature. SAML ought to be a basic security feature like 2FA—it's especially valuable for open source teams who might use a mixture of services, and an easily accessible and cheap SSO solution would go a long way in raising the security bar for all teams, not just open source teams.
◧◩◪
3. tobinf+g9[view] [source] 2020-04-14 16:46:26
>>thramp+Q3
I'd never heard of SAML before. Is it like a more complicated version of OAuth?
◧◩◪◨
4. kube-s+Ib[view] [source] 2020-04-14 16:58:07
>>tobinf+g9
SAML has been around longer and handles AuthN and AuthZ.

OAuth only does AuthZ. I've always found OAuth more complicated because you have to combine it with other technologies to get AuthN.

◧◩◪◨⬒
5. thinkh+xf[view] [source] 2020-04-14 17:15:19
>>kube-s+Ib
OpenID Connect is the standardized AuthN process built on top of OAuth. It’s “on top of” but in practice it’s a simplification of OAuth for the specific purpose of AuthN.
◧◩◪◨⬒⬓
6. kube-s+Rg[view] [source] 2020-04-14 17:21:11
>>thinkh+xf
I know, I just personally find it to be a fragmented and confusing set of standards. And a lot of people say OAuth when they mean OpenID Connect, which doesn't help with the confusion... or they abbreviate OpenID Connect as "OpenID" which also means something else.

I've never had to clarify what someone is actually trying to accomplish when they want "SAML 2.0".

◧◩◪◨⬒⬓⬔
7. tptace+Vi[view] [source] 2020-04-14 17:29:30
>>kube-s+Rg
You said "OAuth only does authz and must be combined with other technologies to get authn"; obviously, that's not true, in the sense that you can simply use OIDC --- a dialect of OAuth --- to get both.

Since OIDC is better than SAML, which is probably the scariest security standard on the Internet, I think it's worth being clear to people that OIDC/OAuth is viable.

The SAML authz story, for what it's worth, is pretty shady.

◧◩◪◨⬒⬓⬔⧯
8. kube-s+nl[view] [source] 2020-04-14 17:41:44
>>tptace+Vi
For sure. I never said SAML was any good -- I said I found it to be simpler. :)
◧◩◪◨⬒⬓⬔⧯▣
9. tptace+bm[view] [source] 2020-04-14 17:45:30
>>kube-s+nl
For developers, they're both just libraries. As protocols to implement, SAML is drastically harder.