From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OMycx-0007ZH-Kj for garchives@archives.gentoo.org; Fri, 11 Jun 2010 07:26:07 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 537F7E0ADD; Fri, 11 Jun 2010 07:26:06 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 1BE85E08CA for ; Fri, 11 Jun 2010 07:26:01 +0000 (UTC) Received: from [192.168.1.3] (ap.ran.gpi.ru [195.209.218.156]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id EF3811B4010 for ; Fri, 11 Jun 2010 07:25:59 +0000 (UTC) Subject: Re: [gentoo-dev] RFC: Moving more developer data to LDAP, for scalability/redundancy (away, foward, permissive, SMTP password, plan) [WAS: Suggestion to ask devs to change their bugzilla name] From: Peter Volkov To: gentoo-dev@lists.gentoo.org In-Reply-To: References: <20100611032726.GA13860@orbis-terrarum.net> <201006110843.25420.tampakrap@gentoo.org> Content-Type: text/plain; charset="UTF-8" Date: Fri, 11 Jun 2010 11:24:45 +0400 Message-ID: <1276241085.16507.588.camel@tablet> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.28.3.1 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 662ad56e-4500-4f50-b79e-84f92f18eae6 X-Archives-Hash: 06b475de6d373ff1cbe1ec878819044e =D0=92 =D0=A7=D1=82=D0=B2, 10/06/2010 =D0=B2 23:42 -0700, Alec Warner =D0= =BF=D0=B8=D1=88=D0=B5=D1=82: > > I don't agree with that, but just out of curiosity, is it possible to= use a > > web interface? phpldapadmin or something >=20 > The problem with phpldapadmin is that it potentially opens up LDAP to > the world. Require everybody to forward connection through ssh to get ldap web interface? It's not hard to setup such tunnel manually or e.g. use xinetd for automatic tunnel creation on request... Another option is to use https with ssl client side certificates). I think it's not hard for developers to generate certificates on dev.gentoo.org and import them into browsers. > >> Bonus plans: > >> - Maybe move mail aliases to LDAP? We'd lose comments :-(. >=20 > Not if you added a comments field ;) +1. Comments are useful (e.g. for non @gentoo.org mail addresses) and btw, it's good idea if willikins will show them too. --=20 Peter.