Re: Q: All: Account creation latency
Hi,
On Wed, 19 Mar 2008, Peter Palfrader wrote:
> On Sat, 15 Mar 2008, Nacho Barrientos Arias wrote:
>
> > If you get elected, what will you do to prevent people from waiting
> > for weeks (and usually for months) to see their account created after
> > DAM approval?
>
> I think the "problem" would be trivial to fix. The DAM should be the
> party that makes the *policy decision*, and then DSA should be tasked
> with actually creating the account, and keyring-maint with adding the
> key to the debian keyring.
There's some appeal to this point of view.
But is it desirable to have to wait on 2 separate teams after the "policy
decision" as you say? I know that account creation would be quick so long
as you're active in the team but the keyring part is still problematic.
Having an account without the key or vice-versa would be strange.
Also the LDAP contains the fingerprint of the key, so we probably need
some coordination between both, no?
/me wonders if we shouldn't merge keyring-maint into DSA... DSA has root
access on keyring.debian.org so they are already sort of "trusted". On the
other side, the keyring controls which key can be used to request a new
password or setup a new SSH key, so it's also equally important in term of
security for DSA.
Cheers,
--
Raphaël Hertzog
Le best-seller français mis à jour pour Debian Etch :
http://www.ouaza.com/livre/admin-debian/
Reply to: