To complete bug 46901, we need a single domain where global users will be logged in, and all of the WMF sites can test check to see if the local wiki should allow a user to login.
Because this website will have a session for every logged in user, the site should:
- Highly restrict the javascript that can run on it
- Minimize the amount of content and features, to reduce the risk for XSS vulnerabilities
- Only be accessible over SSL
- Disallow any iframing
Version: wmf-deployment
Severity: enhancement