raboof commented on issue #233: URL: https://github.com/apache/tooling-trusted-releases/issues/233#issuecomment-3433080643
This proposal looks very reasonable to me. Some thoughts: * ~I'm curious why you cite a couple of reasons to pick `_` for the delimiter, and then seem to pick `-`? No strong preference though~ (ha GMTA) * I wonder if it'd make sense to split the `asf` prefix from our 'internal' `tap` scoping, possibly that'd make it easier to register them all 'in one go' to scanners? * Likely our MFA/identitymanagement/Authentik will also support tokens in some form. I wonder if that'd ever lead to a situation where a token used to be 'managed' by (say) ATR, but later we'd decide to move the management of that token to Authentik, or vice-versa, or to/from other systems. I think your proposal allows such migrations (and the scoping makes this easier, rather than harder), so that seems OK? I see no problems, but would be good to coordinate with Infra, particularly wrt the MFA project? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
