Re: Online Services API Keys
On Wed, 2016-12-14 at 10:11 -0500, Shaun McCance wrote: > The GNOME Foundation board has a password-protected area of the wiki > that only board members and employees have access to. That's eight > people, nine after we finally hire an ED. Would that be a good place > to keep a backup? Hi, I see I forgot to explain something. As it is done in the Google case (and I believe also for other OAuth(2) services) a developer creates a project on the Google site and that project receives a pair of id/secret, which is used to identify the project (application), which asks for the OAuth(2) token with user's credentials. This id/secret pair is semi-private, it can be found in the source code. The Google web site allows to add more people into the project, in which case more people can change settings of the id/secret pair on the web site as needed. That is that, in the case of the Google, there might be a Google account which could be added to the projects and this Google account will be tight to the entity, not to an individual. I hope I made it clearer. In case I misunderstood your comment, I'm sorry. Bye, Milan ___ desktop-devel-list mailing list desktop-devel-list@gnome.org https://mail.gnome.org/mailman/listinfo/desktop-devel-list
Re: Online Services API Keys
On Wed, 2016-12-14 at 15:48 +0100, Milan Crha wrote: > Hello, > in the light of > https://wiki.gnome.org/Initiatives/OnlineServicesAPIKeys > which is still missing the Google keys used by the evolution-data- > server (it's my fault). > > I'm wondering how to avoid The Bus Factor for the keys. It doesn't > matter how many individuals would have access to the keys (you still > want to keep that quite low after all), as long as they are the > individuals. > > Having there a (central?) entity with the access to the keys settings > might be better, because, well, the entity would be independent of any > individuals. The GNOME Foundation board has a password-protected area of the wiki that only board members and employees have access to. That's eight people, nine after we finally hire an ED. Would that be a good place to keep a backup? -- Shaun ___ desktop-devel-list mailing list desktop-devel-list@gnome.org https://mail.gnome.org/mailman/listinfo/desktop-devel-list
Online Services API Keys
Hello, in the light of https://wiki.gnome.org/Initiatives/OnlineServicesAPIKeys which is still missing the Google keys used by the evolution-data- server (it's my fault). I'm wondering how to avoid The Bus Factor for the keys. It doesn't matter how many individuals would have access to the keys (you still want to keep that quite low after all), as long as they are the individuals. Having there a (central?) entity with the access to the keys settings might be better, because, well, the entity would be independent of any individuals. I know there are pros and cons for both ways of doing it, as you surely want someone trustworthy to have access to the keys, not some random guy, thus the entity might be the board, or the sys admins, or... This email is meant as a question what others think and also a possible place to give pointers and so on for the process to get into the state where The Bus Factor will be completely avoided (or at least as much as possible). Thanks and bye, Milan ___ desktop-devel-list mailing list desktop-devel-list@gnome.org https://mail.gnome.org/mailman/listinfo/desktop-devel-list