On 1/16/2014, 12:25 AM, Gregory Szorc wrote:
Can we just store the modules membership in LDAP or some other machine readable location (if not inside mozilla-central for relevant modules) and have a web page pull from that? Yes, it introduces process and overhead. But, module membership is the cornerstone of trust and giving automated agents access to the module membership [in a way that can be correlated to accounts] enables all kinds of nifty auditing possibilities. I believe this would help enable the verification actions proposed by Brendan and Andreas in their recent blog post [1].
Just! I love the word just. All the best plans start with "why don't we just", am I right?
Slightly more seriously, I think that you're conflating your business card with your house keys. The Mozillians site doesn't currently talk to LDAP, and making it pull data from LDAP seems like a lot of delicate and carefully-secreviewed work, particularly given how rarely module ownership and membership turns over.
Do all module owners and peers have LDAP accounts? I don't know for sure, but I don't think so. Maybe more importantly, I don't think that we _want_ the answer to that to _have_ to be yes, since it will inevitably become a bottleneck as the project grows and our community engagement efforts scale up.
Your argument about verification actions may outweigh my hypothetical future problem, though, and be worth the work; do you have specific things in mind that aren't possible with our current setup?
- mhoye _______________________________________________ governance mailing list [email protected] https://lists.mozilla.org/listinfo/governance
