On Sat, Jun 13, 2026 at 02:51:01PM +0100, Peter Robinson wrote:
> On Sat, 13 Jun 2026 at 09:57, Adam Williamson
> <[email protected]> wrote:
> >
> > On Sat, 2026-06-13 at 04:04 +0000, Gary Buhrmaster wrote:
> > > On Sat, Jun 13, 2026 at 12:01 AM Michael Catanzaro via devel
> > > <[email protected]> wrote:
> > > >
> > > > OK, I'm convinced you're right. It's time.
> > > > --
> > >
> > > So, to the "management", how do we
> > > make such a 2FA requirement happen?
> > > I presume this needs to go through a
> > > process to approve any such changes?
> >
> > I *think* a general 2FA requirement for packagers or provenpackagers
> > should go to FESCo? There's FPC, but I think FPC's remit is the
> > packaging guidelines, not wider rules like this.
> 
> Or possibly council if it's a policy thing?

Last time this was proposed it went to FESCO

  https://pagure.io/fesco/issue/3186

I would see Council's role as setting a strategic plan "Secure the
Fedora Community", while FESCO would still own the impl of such a
plan, of which 2FA for packager accounts is one aspect. So I'd be
inclined to re-file ticket 3186

With regards,
Daniel
-- 
|: https://berrange.com       ~~        https://hachyderm.io/@berrange :|
|: https://libvirt.org          ~~          https://entangle-photo.org :|
|: https://pixelfed.art/berrange   ~~    https://fstop138.berrange.com :|

-- 
_______________________________________________
devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://forge.fedoraproject.org/infra/tickets/issues/new

Reply via email to