[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Salsa as authentication provider for Debian



>>>>> "Enrico" == Enrico Zini <enrico@enricozini.org> writes:


    Enrico> I agree that with the current proposal, the use case of
    Enrico> "grant a person permission based on their status, which is
    Enrico> somehow revoked or blocked if the status goes away" becomes
    Enrico> something we might not be able to do.

Fair enough.  But there is the use case of sanity check that foo is a dd
before granting them permissions today because I'm going to think about
it a lot more if they aren't a dd  is a valid use case.

Also, I do think there are some repos that we really only want a dd
writing to.  As an example, keyring-maint.  Now if something goes bad
for keyring maint we're going to notice it, and keyring maint would
certainly be in the loop if someone from keyring-maint retired.

I don't think it blocks your proposal, but I do think that having
something to audit repos and make sure only current dds have access to
certain repos is a valuable user no]eed.
And I think the current-status-permission check need is also valid and
probably more critical.


Reply to: