I think that David's plan is considerably better. The key is the access to the override keys.
On Mon, Mar 30, 2015 at 8:08 PM, David Nalley <da...@gnsa.us> wrote:
>
> > The above makes a really nice, security-conscious scheme
> > that I would love to champion among various PMCs
> > and suggest that we document it as part of our social
> > media guidelines. The only open question in my mind
> > is who (and by extension what email address) should
> > the master ASFxxx account be associated with. I see
> > two alternatives here:
> > * ASF Infra team collectively owns it
> > * Whoever controls @TheASF owns it
> >
>
> Neither IMO.
> Infra doesn't want it (and we will politely decline if asked to manage
> your social media creds). And burdening Sally, Jim, Joe, etc. with
> scores of projects' credentials isn't going to scale well.
>
> If I were to define it, make the address for the account
> private@$foo.a.o (CloudStack uses an alias that forwards to
> private@cs.a.o IIRC). I would say turn on MFA for the account (device
> held by the chair or his designee), keep the override codes encrypted
> to multiple PMC members in the project's private svn tree (and open to
> add more PMC members at their request). That gives the PMC the ability
> to override if someone disappears or goes off the tracks. Federating
> access is easy with Tweetdeck or Hootsuite - securing the account
> becomes a lot easier as well.
>
> --David
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org
> For additional commands, e-mail: general-h...@incubator.apache.org