Gentoo Archives: gentoo-dev

From: Kurt Lieber <klieber@g.o>
To: gentoo-dev@l.g.o
Subject: [gentoo-dev] implementation details for GLEP 41
Date: Sat, 19 Nov 2005 17:04:21
1 Ignoring the yellow star issue, there are a few implementation
2 concerns/impossibilities with GLEP 41 in its current form.
4 For instance, the way GLEP 41 suggests doing r/o cvs is not going to work.
5 It suggests using a single account and placing an SSH key for each arch
6 tester in that account's ~/.ssh/authorized_keys file.
8 There are no provisions for key management and I cannot see an easy way to
9 handle it. It's easy to add new keys, but how do we clean out old keys for
10 retired arch testers? (including arch testers that "retire" without ever
11 informing us) SSH doesn't log key ID as near as I can tell, so we have no
12 way of tracking what keys are used and how often. Also, how do we
13 definitively correlate an SSH key with an arch tester?
15 Now, the same question for email -- how do we manage aliases, especially
16 for inactive, retired and semi-retired arch testers? We could track usage
17 in logs, but between mailing list subscriptions, bugzilla notifications and
18 all sorts of other automated emails, that's not an accurate representation
19 of whether an email alias is actively used or not.
21 I talked to Lance and neither he nor I were consulted about this GLEP and
22 how feasible the implementation is. We both are quite concerned about the
23 issues that I've outlined above as well as others.
25 This isn't a "we're refusing to implement this GLEP" email, btw, though I'm
26 sure some of you will take it as such. It is, however, a "we were never
27 consulted regarding implementation details, so there are still issues that
28 need to be worked out before this GLEP can go anywhere" email.
30 --kurt