Re: Salsa as authentication provider for Debian
>>>>> "Enrico" == Enrico Zini <enrico@enricozini.org> writes:
Enrico> I agree that with the current proposal, the use case of
Enrico> "grant a person permission based on their status, which is
Enrico> somehow revoked or blocked if the status goes away" becomes
Enrico> something we might not be able to do.
Fair enough. But there is the use case of sanity check that foo is a dd
before granting them permissions today because I'm going to think about
it a lot more if they aren't a dd is a valid use case.
Also, I do think there are some repos that we really only want a dd
writing to. As an example, keyring-maint. Now if something goes bad
for keyring maint we're going to notice it, and keyring maint would
certainly be in the loop if someone from keyring-maint retired.
I don't think it blocks your proposal, but I do think that having
something to audit repos and make sure only current dds have access to
certain repos is a valuable user no]eed.
And I think the current-status-permission check need is also valid and
probably more critical.
Reply to: