[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNUnet-developers] Discussion, and Help Wanted: Moving to Gitlab fo

From: ng0
Subject: Re: [GNUnet-developers] Discussion, and Help Wanted: Moving to Gitlab for Git, CI, and Issues
Date: Sat, 6 Apr 2019 15:51:22 +0000

wldhx transcribed 4.1K bytes:
> > So instead of "hey, signup and we give you access", what about the
> > addition of LDAP?
> >
> Is there additional benefit to LDAP as compared to standard GL ACL [0]?
> Note only some roles have "add members" privilege.

Probably only to unify additional login accounts we might want for
example for email boxes.
I have no experience with gitlab ldap. It was just a question.
> I had had experience with them being somewhat rigid (you sometimes want
> a specific set of privileges which none of the built-in roles covers),
> but we should probably be fine.
> >> So here's a problem I see with this as it is right now:
> >> I'm a git admin. Before I give people a certain kind of access, be
> >> it for one repo only, a range of repos or the group 'gnunet', I
> >> have a sort of checklist. Can I digitally verify to some extent that the
> >> key sent to me matches the person? Do we have a CAA signature? etc.
> >> Now I see already one name as 'Owner' in the gnunet group who, to
> >> my knowledge, has never signed anything. Correct me if I'm wrong
> >> about ic.rbow.
> ic.rbow has indeed not signed CAA yet. I asked them to now. In my
> defense, I added them when was a mere experiment :)

Okay, then it was just delayed communication. Thanks for clearing that up.
> >> We can only trust each other.
> >> Since we have this CAA in place, we need more than trust, we need
> >> some guidelines when someone is added to which permission level
> >> in gitlab.
> >> Previously the communication about what happened, which steps
> >> were followed and that there is a new committer, were betwee
> >> 1 or 2 people involved in administration. Now potentially everyone
> >> can do this, which is either bad or good, so at the very least
> >> we need to communicate about new rights given.
> +1 for guidelines, +1 for communication, but maybe not that much changes
> due to GL ACL.

Okay, thanks for your message.
> [0]:

> _______________________________________________
> GNUnet-developers mailing list
> address@hidden

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]