Re: Emeritus status, and email forwarding [and 1 more messages]
On Thu, Nov 16, 2017 at 07:23:23AM +0800, Paul Wise wrote: > Is this because of it being hard to track the contributions of > non-uploading DDs? Not necessarily (but probably true for some case, for example, those we got DD_nu because of relevant contributions to the debconf orga, that's not really easy to figure out…). Another reason is that the MIA team still doesn't actively look out for inactive people, but instead reacts on external notices sent to us. Since there is a constant flow of those I think we will stick with that way for a while still. Nobody has come to us yet asking to check on a non-uploader DD. > Is the MIA team looking at contributors.d.o data? Yes, that's of great help in our work. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Emeritus status, and email forwarding [and 1 more messages]
I think if we can find a way to manage it technically, allowing people to forward email would be a reasonable thing to do.
Re: Emeritus status, and email forwarding [and 1 more messages]
On Thu, Nov 16, 2017 at 12:23 AM, Mattia Rizzolo wrote: > non-uploading DD where the MIA team is not looking at. Is this because of it being hard to track the contributions of non-uploading DDs? Is the MIA team looking at contributors.d.o data? -- bye, pabs https://wiki.debian.org/PaulWise
Re: Emeritus status, and email forwarding [and 1 more messages]
Hello Mattia, On Wed, Nov 15 2017, Mattia Rizzolo wrote: > IMHO if somebody care to keep their forward email usable they can very > well care enough to have a robust enough key and keep it in the > keyring, and possibly be demoted to non-uploading DD where the MIA > team is not looking at. I'd like to suggest using 'changed' rather than 'demoted' because the latter suggests that being a non-uploading DD is of less value than being an uploading DD. (I know you're not a native speaker so I'm not blaming you, Mattia!) -- Sean Whitton signature.asc Description: PGP signature
Re: Emeritus status, and email forwarding [and 1 more messages]
On Wed, Nov 15, 2017 at 04:08:41PM +, Ian Jackson wrote: > It would be possible to have an "emeritus" keyring, I guess. Since it > would only be used for email forwarding and a few other things, it > could have weaker security requirements. Techinically such keyring exists, but they are not exported anywhere. But if 1024D are not considered secure anymore, I don't see the point of considering them "not secure, not trustable, but we don't care about email forward so we're fine with having the hijacked", which feels like what you are proposing. IMHO if somebody care to keep their forward email usable they can very well care enough to have a robust enough key and keep it in the keyring, and possibly be demoted to non-uploading DD where the MIA team is not looking at. And most of all, they would need to care enough to carry on such conversation to see it happen, whilst in most cases it seems to me the people first asking for such thing are nowhere near "interested" and expect others to carry on their wishes. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Emeritus status, and email forwarding [and 1 more messages]
Peter Palfrader writes ("Re: Emeritus status, and email forwarding"):
> Without a key in a keyring that somebody maintains, authenticating such
> requests, even manually, is going to be a PITA.
Mattia Rizzolo writes ("Re: Emeritus status, and email forwarding"):
> In many cases (such this particular one) people don't have a viable gpg
> key anymore in the keyring: that means they can't email
> chan...@db.debian.org to update their LDAP details (theoretically, they
> might still know the LDAP password and do it from there, but in practice
> all the people who reach that point already forgot it).
It would be possible to have an "emeritus" keyring, I guess. Since it
would only be used for email forwarding and a few other things, it
could have weaker security requirements.
But this is all just hot air from me now, because I'm afraid I am not
volunteering to implement or maintain it :-/.
Regards,
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
