On Wed, Aug 15, 2012 at 10:12:33AM +0100, Martín Ferrari wrote: > > Indeed: nm.debian.org is currently the authoritative database for the > > status of people contributing to Debian, and it already tracks, for > > example, DMs and people with guest account. > This is news for me, and it looks like a very useful starting point. > And it just made me discover sso.debian.org, that's great news too! :) I'm sorry I'm far too busy working on the site and on other FD/DAM things to be able to publicise it properly. Consider this an open call for help O:-) > I couldn't see what the NM site allows me to do (I created a password > in db.debian.org, but it seems to take some time to propagate, adding > this info to the login page might be useful). But I concur that > managing one's identity would be good. I'd also add to that a way of > managing the different email addresses associated, because that's the > main problem I see for integrating different sources of information > about one person. Currently, many tools in Debian still don't > recognise that tincho@ and martin.ferrari@ are the same person. Indeed. Currently once you log in nm.d.o you can see more information, advocate people or do AM work if you are an AM. Login is restricted to DDs because that's how DACS works at the moment, but I'm trying to figure out how to change that. I'd like to add a 'preferences' page where one could do some identity management. I want to avoid having nm.d.o be the primary data source for anything except the status of people in Debian, and I'd rather hook into other existing databases whenever possible. In terms of managing one's visible full name, for example, this means that I was planning to just allow people to choose which of the various full names they have in Debian (for example, the primary UID on their GPG key) should be the default on the site. The multiple email situation can be addressed by interfacing with the MIA database, which already tracks this kind of information, of course after a little discussion on what bits of it can be publicly exposed and what shouldn't. Then, once the site shows things right, a REST API can take care of allowing the information to be reused by other bits of Debian. > > Code is at http://anonscm.debian.org/gitweb/?p=nm/nm2.git;a=summary > > What did you have in mind? > Something very similar to this, but I thought I would have to rely on > alioth. Having this information in the main LDAP tree is much better. Sure, with the limitation that we currently do require legal names on LDAP, and that people may prefer to use something else for their online, google-searchable persona. Could there be a 'public name' field in LDAP? I haven't tried figuring that out yet. Also, at the moment LDAP is only for people with an account on Debian machine: DDs and guest accounts. Even most DMs don't have an LDAP entry, for example. I think we need some free-registration identity provider, and we can use Alioth, or even identi.ca via oauth. We've started discussing details with DSA and Alioth admins, but haven't found a workable solution yet. > What is not completely clear to me is how people get in there in the > first place. I see the LDAP directory now has ou=users, but I didn't > find instructions in the NM site. The other thing is that I don't see Here are the details: http://lists.debian.org/debian-project/2010/09/msg00026.html > anything that would encourage people to create an account unless they > want to start the NM process. I don't know if this is intended to be > that way or not, but what I envision is a database where all > contributors could be found, specially contributors that are hidden in > the deep dark corners of the project. Definitely. That's what I meant when I mentioned using Alioth, or even identi.ca, as an extra identity provider: anyone can register there. > > P.S. > > I did see your blog entry and wanted to get in touch, then I got > > sidetracked by other things. It's great you got in touch! > > Great. Do you have any thoughts to share on that? I think we need what you propose, and it fits perfectly with what I had in mind in my (and Francesca's) blog post you quoted[1]. In terms of implementation, I see an overlap with nm.debian.org, portfolio.debian.net and db.debian.org. I hope I'm not frustrating your coding plans by saying this, but my suggestion would be, before you go beyond prototypes and mockups and get into serious site development, to have a quick round of discussion to see if they could be implemented as new parts of existing infrastructure instead. For example, NM applicants already have to write a public bio. I was already thinking of adding a special field for that in nm.d.o, which means it'd automatically get posted to debian-newmaint when an applicant is approved, and it would save AMs some more work. The same bio could be shown on the person's personal page, and they could keep it up to date over time. That could become the bio that's shown in your mockup. I was also already thinking of adding alternate emails from MIA to nm.d.o, which would improve the portfolio and DDPO links and the default minechangelogs search. The only information we would then miss would be badges and stats. I guess that, for those, what we most need is a way of collecting them: a standard REST API that various pieces of Debian infrastructure can implement, perhaps? Once the data is collected, where it is displayed becomes a detail: it could be a stand-alone site linked by nm.d.o and portfolio.d.o, it could be nm.d.o itself, or both. I guess that boils down to what technologies whomever is doing the work is comfortable working with. Regardless of the final implementation, I think network APIs are a must, so that even if you make your own website, I can still easily show badges on nm.d.o pages if I feel like, and you can get personal info from nm.d.o without needing to keep your own database in sync. > > P.P.S. > > Have you seen https://wiki.mozilla.org/Badges ? > > Hah, no. I didn't know about that! It looks very nice, and it's a very > similar concept. Although it probably doesn't make much sense in > trying to integrate with them. I was looking at it mainly as a standard protocol to handle badge information. Even if we don't care about integrating with them, what would you think of just reusing their technology? > Also, it's not like this is a great idea that came to me overnight. We > have something very similar in spirit at work, and that's where my > idea came from. Sure, and no matter where it comes from, I think it's a good idea, it's great that you're working on taking it to Debian. Ciao, Enrico [1] http://www.enricozini.org/2012/debian/more-diversity-in-skills/ -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <enrico@enricozini.org>
Attachment:
signature.asc
Description: Digital signature