From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.50) id 1Edap1-0001IG-6i for garchives@archives.gentoo.org; Sat, 19 Nov 2005 22:04:35 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.5/8.13.5) with SMTP id jAJM2uPa000588; Sat, 19 Nov 2005 22:02:56 GMT Received: from jaguar.lieber.org (jaguar.lieber.org [217.160.252.168]) by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id jAJLxVvf022362 for ; Sat, 19 Nov 2005 21:59:31 GMT Received: from localhost (localhost [127.0.0.1]) by jaguar.lieber.org (Postfix) with ESMTP id 36D9A29C101 for ; Sat, 19 Nov 2005 22:04:01 +0000 (UTC) Received: from jaguar.lieber.org ([127.0.0.1]) by localhost (jaguar.lieber.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 04579-13 for ; Sat, 19 Nov 2005 22:03:59 +0000 (UTC) Received: by jaguar.lieber.org (Postfix, from userid 1001) id 23EF929C1F3; Sat, 19 Nov 2005 22:03:58 +0000 (UTC) Date: Sat, 19 Nov 2005 22:03:58 +0000 From: Kurt Lieber To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] implementation details for GLEP 41 Message-ID: <20051119220358.GB12982@mail.lieber.org> References: <20051119170615.GW12982@mail.lieber.org> <20051119190355.GB28867@gentoo.org> <20051119191403.GZ12982@mail.lieber.org> <20051119195115.GA4535@nightcrawler> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4ECF1u7dKBoUGhe3" Content-Disposition: inline In-Reply-To: <20051119195115.GA4535@nightcrawler> X-GPG-Key: http://www.lieber.org/kurtl.pub.gpg User-Agent: Mutt/1.5.8i X-Virus-Scanned: amavisd-new at lieber.org X-Spam-Status: No, score=-5.893 tagged_above=-999 required=5.5 tests=[ALL_TRUSTED=-3.3, AWL=0.006, BAYES_00=-2.599] X-Spam-Score: -5.893 X-Spam-Level: X-Archives-Salt: fb4a5fe2-92c7-4b3f-b953-4f71f7e54207 X-Archives-Hash: f70cb87f94084483cb6d0f2069397e73 --4ECF1u7dKBoUGhe3 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Nov 19, 2005 at 01:51:15PM -0600 or thereabouts, Brian Harring wrot= e: > I'll again point out that the glep doesn't actually mandate it, states=20 > it's the lowest common denominator that's acceptable. And I'll point out that there's more than one issue that we're concerned with here. =20 > Stop pointing at one interpretation of it that sucks, when the glep=20 > _does_ leave it open to you how to implement it. It's a waste of=20 > people's time and bandwidth, and is a bit disenguous. I'm trying to find a solution to the issues as I see them. Telling me I'm wasting people's time and bandwidth doesn't seem conducive to working together towards a resolution to this all. If you're going to say, "it was passed, you guys just have to find a way to implement it. now please stop bothering us" then I'm going to come up with an implementation plan that looks something like the following: * all SSH keys and email addresses for arch testers will auto-expire after 60 days. If an arch tester needs to have continued access, a gentoo dev will have to re-submit the key and recreate the alias for that arch tester every 60 days. That meets the requirements of the GLEP down to the letter and also satisfies infra concerns around key management. However, it's a crappy solution. So, I'd much rather work together towards finding a better one. =20 --kurt --4ECF1u7dKBoUGhe3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDf6FOJPpRNiftIEYRAjlaAKCPQ2pfxzdrjbO1loZ+2z+j+aRxlACeMwTT ccWnO/HDaz1rD+x3/loZqxU= =VQPJ -----END PGP SIGNATURE----- --4ECF1u7dKBoUGhe3-- -- gentoo-dev@gentoo.org mailing list