On Wed, Feb 14, 2018 at 04:09:11PM +0000, Jonathan McDowell wrote: > On Mon, Feb 05, 2018 at 12:48:06AM +0100, Mattia Rizzolo wrote: > > "unacceptable uid, rejected by keyring-maint". > > <dons keyring-maint hat>Let's be clear, the only rejected UID I recall > recently was someone applying for DM status who had added an @debian.org > email address to their key which they had no entitlement to.</doffs > keyring-maint hat> There also was one with an UID with a completely different name from the others (I don't remember if that one was rejected by you or just frowned upon but later approved). > > I believe the processes should not proceed (in particular, not accept > > advocacies) until the key is not valid, or manually accepted by FD. > At the moment there is no requirement on Front Desk to get involved in a > process before it's been confirmed that an applicant has an advocate and > is ready to progress in their application. Your proposal would instead > require that Front Desk get involved at the start of any process and > prevent any action until they had done so. That pushes the up front work > from a large pool of potentials (the advocates) to a small, overworked > team (Front Desk). Well, they already have to, to approve the key. Yes, this would block the processes until that (quite critical) part of the process is not cleared. > > Those 6 processes I've looked at don't show any sign of a solution in > > sight, and will probably be closed by FD one of these days, causing > > unhappiness for all the involved parties¹. > From where I'm sitting it's not clear that is an improvement. Those > processes with invalid keys will still be stalled, they will still sit > visible in the Front Desk web interface until closed out or the key > issues are fixed and really the only slight positive seems to be that > advocates won't have to send advocacies for people who might not make it > through the process. It would also avoid bad feelings from potential DMs who see their processes manually closed for inactivity when they have everything and only lack a signed key. As a matter of fact, I know there is a timeout thing somewhere closing processes without any advocacy after a while. That would allow this mechanism to work for DMs without good enough keys, without manual involvement (and avoids "damn Mattia, closing my process!"-thoughts). -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
Attachment:
signature.asc
Description: PGP signature