Is lp available for projects?  

And/Or do you envision we create a key for say [email protected] and give you the 
private key and also a passphrase out if band.  Then we add [email protected] to 
any thing we encrypt as a recipient and that is a safety valve?
Regards,
KAM

On May 15, 2017 6:35:56 PM EDT, Greg Stein <[email protected]> wrote:
>We currently keep many credentials in LastPass (*). ... If y'all would
>like
>to construct a recovery key for SA, then we'll happily store that into
>the
>ASF LastPass account.
>
>Cheers,
>-g
>
>(*) after a couple LP security notices, we are considering other
>options,
>but that's neither here/there. if we switch vault providers in six
>months... we'll *still* have one for an SA recovery key.
>
>
>On Mon, May 15, 2017 at 5:27 PM, Kevin A. McGrail
><[email protected]
>> wrote:
>
>> Greg,
>>
>> Dave Jones brings up a good point about longevity of encrypted things
>for
>> the foundation.  Could infra maintain a key that can be added to
>things for
>> a backdoor?
>>
>> See below for a snapshot of the relevant thread for background.
>>
>> Regards,
>> KAM
>>
>> KAM:
>> What you should do is use the pub key at http://people.apache.org/~
>> kmcgrail/ and encrypt a file with the password.  <soapbox>Ideally,
>you
>> already have a key for me that chains to a circle of trust so you
>know for
>> sure it's me.  They actually have key signing parties and stuff for
>this.
>> I've found it to be a PITA and doesn't make me feel better that the
>key is
>> valid.  It's not like we are trained in verifying fake IDs so it's
>nothing
>> but an illusion of trust.</soapbox>
>>
>> Dave: My concern is I can sign it with your (Kevin's) key and even
>Brian's
>> key so the two of you can open it but what happens if another 5 or 10
>years
>> go by and we 3 are no longer volunteering as SA sysadmins?  The next
>> generation of sysadmins won't be able to open these files.
>>
>> There has to be a better way where we use an encrypted file with a
>master
>> password that we share and is recorded in a save place for the
>future.
>>
>> I use LastPass for this and I have my master password in an envelope
>in a
>> safe for my wife to open in the event I am no longer on this planet.
>I have
>> instructed her to take this envelope to any of my techie friends and
>they
>> would know how to help her get access of all of my online accounts. 
>We
>> need something like this for this team.
>>
>> KAM: The first consideration is that the method above with SVN is
>> considered acceptable to the foundation and exists already.  It long
>> predates me and has a strong encryption pedigree.  It also doesn't
>rely on
>> a service being in business since it uses all open source software
>and
>> files that you can mirror today.
>>
>> What I have done that is similar to what you describe is that my
>> passphrase for my private key is in my safe.  So should I leave this
>mortal
>> coil, the data is all recoverable.
>>
>> Also, we are trying to move away from master passwords as much as
>> possible.  Sharing of root credentials should be avoided as just a
>general
>> security mantra.
>>
>> KAM: Do you feel strongly enough about it to debate it with infra and
>see
>> what their thoughts are?
>>
>> Dave: Not that strongly.  I will be glad to go along with the
>existing
>> standards.  Seems like there should be an escrow-ed key from the
>foundation
>> or something that we would also sign with for the future.
>>
>>

Reply via email to