IETF Logo Mail Archive

Re: [Ietf-and-github] RobWilton review of draft-ietf-git-using-github-05

"Rob Wilton (rwilton)" <rwilton@cisco.com> Fri, 13 March 2020 17:57 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: ietf-and-github@ietfa.amsl.com
Delivered-To: ietf-and-github@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C7313A058F; Fri, 13 Mar 2020 10:57:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.599
X-Spam-Level:
X-Spam-Status: No, score=-9.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=BWtSqDCV; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=tf6Wxk6P
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l9Dajr7QmkJE; Fri, 13 Mar 2020 10:57:29 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EBD2E3A053F; Fri, 13 Mar 2020 10:57:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=17666; q=dns/txt; s=iport; t=1584122249; x=1585331849; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=FIkXvE6NXo2hKSfPglDONMiuTKhLvNs9/BOEQHVUlww=; b=BWtSqDCVqVa9DT4bquhPOCk49U5N6Ygax2vVLlVLJfAeC6YfoWs9vM3T iDv5wl5JAJqqdiqr7FU5UQMiee50LvSgcypVSCGyAZc1PDxxIhujau+Kx rfGxH6YOL1a4H63/yXav7WOCk8dtTecmWPe5kxYCkZXkoGvyHCgymf3MY 8=;
IronPort-PHdr: =?us-ascii?q?9a23=3AbBiv4RHlruCG0XIJNjFh051GYnJ96bzpIg4Y7I?= =?us-ascii?q?YmgLtSc6Oluo7vJ1Hb+e4z1A3SRYuO7fVChqKWqK3mVWEaqbe5+HEZON0pNV?= =?us-ascii?q?cejNkO2QkpAcqLE0r+eeT1bigmG8JqX15+9Hb9Ok9QS47z?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AkCQCVyGte/4gNJK1mHAEBAQEBBwE?= =?us-ascii?q?BEQEEBAEBgXuBJS8kLAVsWCAECyoKhAuDRQOKcIJfkzaEYoFCgRADVAkBAQE?= =?us-ascii?q?MAQEnBgIEAQGEQwIXggYkOBMCAwEBCwEBBQEBAQIBBQRthVYMhWMBAQEBAxI?= =?us-ascii?q?RChMBAQYxAQ8CAQgRBAEBFhIDAgICMBQJCAEBBA4FCBpTgjKBfU0DLgEOoW0?= =?us-ascii?q?CgTmIYnWBMoJ/AQEFVoRUGIIMAwaBOIwuGoFBP4ERR4JNPoJkAQECgRwpICs?= =?us-ascii?q?JCYJSMoIskDQ7hXYkmTQKgjyHVo82kxiIKZgDkloCBAIEBQIOAQEFgWkigUQ?= =?us-ascii?q?LAQhwFYMnUBgNjh2Dc4pVdAIEgSOKd4EiAXgXAQE?=
X-IronPort-AV: E=Sophos;i="5.70,549,1574121600"; d="scan'208,217";a="732821101"
Received: from alln-core-3.cisco.com ([173.36.13.136]) by rcdn-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 13 Mar 2020 17:57:26 +0000
Received: from XCH-ALN-005.cisco.com (xch-aln-005.cisco.com [173.36.7.15]) by alln-core-3.cisco.com (8.15.2/8.15.2) with ESMTPS id 02DHvQcM016473 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 13 Mar 2020 17:57:26 GMT
Received: from xhs-rcd-003.cisco.com (173.37.227.248) by XCH-ALN-005.cisco.com (173.36.7.15) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 13 Mar 2020 12:57:09 -0500
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rcd-003.cisco.com (173.37.227.248) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Fri, 13 Mar 2020 12:57:09 -0500
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Fri, 13 Mar 2020 12:57:08 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=i6QzJreeALpWylQfrSd0DQFCfowlT5onC/h/XI0J73nkkKu8OvW/5fdb7+OE59t89It7zYpIkR7vxjhp4zP2UG7qxSsOsUmKRrIiPU9ouissl5prUbl6Wx5MFJ8Ns9lpf28wTJmkJgEdjjDuYQvmHt/g6KULAgQPLS2gUzPhyOHU/u4gLqk6s74nHs5o7KipyGM+o1jADaKgGgTSExPPOZhVkZygIlqEcvk74bdzDBep0lXslbeBeWBsfpFjECItLEnznjbX65CDmu9yogQ8dTRe1NlkSi1WngNjtZ1QVlKzaPdNfGVXb6WqNiFACTYLzq28TlmctKBVndbsjDg+yA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FIkXvE6NXo2hKSfPglDONMiuTKhLvNs9/BOEQHVUlww=; b=ApB0cL+NrdegU7xjV/Z9ZAKt4j+kFWpMFz6cu7F4sq44ESgDYzMbedy2+3jWi4YYM8ou/YnM/f37tidzcBKfdK7L7rcAvxbeGReaBwk2EU54NFbw5GPWUr3y329zFUgbcw8HMLuO7aziSeHrnCXhH5SifCCmAvb3hXkxJJ3F/GzC+Hq8a0OyruocJ/9zVuE7ALlAqfLObgKZTNGL1rA71WX+wENRAeUe065KwVoTaLFhzC/2ZKUewEqv/jRJsH7DiIfuwi/9bCRIixFWsYMf7fdXJbx9ihrjqzN/wZPj17RHMjPSVQAZo7GMctiOl/ieM/PWQP831txXULHgopoC1A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FIkXvE6NXo2hKSfPglDONMiuTKhLvNs9/BOEQHVUlww=; b=tf6Wxk6PwijKk9IhX2x0C6aLdK/3IducPAnNqfEoVsOoMbtHcVhmiCuw+6rZVAI1opF+TYbGa6xvSeFi9eleI5lIp38Rd6K1tATkjglqh80HjWhzmQepHo+NLq5Uq25Lxo28U+bPgabnuix+n1K4G6xYQfIGmNFTNMmOyPDhu20=
Received: from MN2PR11MB4366.namprd11.prod.outlook.com (2603:10b6:208:190::17) by MN2PR11MB3789.namprd11.prod.outlook.com (2603:10b6:208:f2::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2793.17; Fri, 13 Mar 2020 17:57:08 +0000
Received: from MN2PR11MB4366.namprd11.prod.outlook.com ([fe80::3:2164:a8e2:33b3]) by MN2PR11MB4366.namprd11.prod.outlook.com ([fe80::3:2164:a8e2:33b3%5]) with mapi id 15.20.2814.018; Fri, 13 Mar 2020 17:57:08 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Rob Sayre <sayrer@gmail.com>
CC: "git-chairs@ietf.org" <git-chairs@ietf.org>, "ietf-and-github@ietf.org" <ietf-and-github@ietf.org>, "draft-ietf-git-using-github@ietf.org" <draft-ietf-git-using-github@ietf.org>, The IESG <iesg@ietf.org>, "Martin Thomson" <mt@lowentropy.net>, Christopher Wood <caw@heapingbits.net>
Thread-Topic: [Ietf-and-github] RobWilton review of draft-ietf-git-using-github-05
Thread-Index: AdX20DXn6nk7ia9BTXi3bSvYC2yFiwAnJ+6AAAcSpnAAalMNAAAI3lvw
Date: Fri, 13 Mar 2020 17:57:08 +0000
Message-ID: <MN2PR11MB4366B12A5C74EEC2AEB25C09B5FA0@MN2PR11MB4366.namprd11.prod.outlook.com>
References: <BY5PR11MB43554E4D2C6E916F070B680BB5FF0@BY5PR11MB4355.namprd11.prod.outlook.com> <03a88995-a64b-4214-a408-1e826f3ecc9a@www.fastmail.com> <MN2PR11MB4366EF66BE23577FDC1A05EAB5FA0@MN2PR11MB4366.namprd11.prod.outlook.com> <CAChr6SzRbd6KBy+ZARHvfK_FW_x0kO_7b8gBm9jH=MR2xgZ6PQ@mail.gmail.com>
In-Reply-To: <CAChr6SzRbd6KBy+ZARHvfK_FW_x0kO_7b8gBm9jH=MR2xgZ6PQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=rwilton@cisco.com;
x-originating-ip: [173.38.220.56]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ba9307f4-3f97-4463-c543-08d7c777f2bb
x-ms-traffictypediagnostic: MN2PR11MB3789:
x-microsoft-antispam-prvs: <MN2PR11MB37897846871731F180223ABFB5FA0@MN2PR11MB3789.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 034119E4F6
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(366004)(136003)(39860400002)(376002)(396003)(346002)(199004)(186003)(66556008)(8936002)(66446008)(6916009)(86362001)(53546011)(66476007)(6506007)(71200400001)(8676002)(81156014)(33656002)(2906002)(66946007)(55016002)(76116006)(81166006)(64756008)(7696005)(52536014)(54906003)(26005)(9686003)(5660300002)(316002)(66574012)(4326008)(9326002)(478600001)(966005); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB3789; H:MN2PR11MB4366.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: o8QxK/FTR37wJGRWNBcSjwL6QJg7/3v9gR3V4cnp9jZVnkJEWsi8UmG7xq6RZ/ibFubJrox2JCLV+yrTHxzopcSEnbVrmp9gjv6/XufeILRPbLUSBF983qkIxiPM1ccnWss51aHfTDtmmjVbei3J5R/u6rAYyBdsaP8udXkUX2zt4xCRv34kmcxWJzHvV9r+iY78RxplofQ/jlu8ftOeL7oVGJs4r74rkby/BijEuEL1x0/Jf8GnBOrQEcBQGPMaAnpSsHNxuPPymrUpgtpcMvKRe2SlxrR+AMZKXO4P5k251vMwtPE/lc3ZhY4ybVJWFIHtGoLX+FA2Vx3UbfxpZSFj3n2/n0tz6k/uF0x2F74B6r1mFBnjmP1pYgiAbmGlkhvgdTSu/bL69w2aEuaHLvixvQVLKLqrnXpKRoWdP/+Zixv9TfXw/KfI7JQ67RHmmrcwRCyYkwf3ImApN9BvO2g5OtVXQLTV0G7VusYYvKzxDqYMNzbdwR9ZPYbVi27Wi+GTEjn4nxngBcOxfb88cw==
x-ms-exchange-antispam-messagedata: 4HUnd92MVVavXmH//pBB4nPTdi5lL1aKK+VexoAl++yw42kb9LxfMvkCGnUB8IqL9E3ztibgCM0Nf51282DVbRgoZa7AJKYIelaUFd5NTFOT6c1c83gwPTM3R0DnthncRWTu2n4BjUc8jEDmpJza2g==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_MN2PR11MB4366B12A5C74EEC2AEB25C09B5FA0MN2PR11MB4366namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: ba9307f4-3f97-4463-c543-08d7c777f2bb
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Mar 2020 17:57:08.0474 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Bzqh+lAcAY3ByNRYmjh0uxZSqa65kak74NIqPC/RVEDFatf17UgNdwk5ynYFUmONzuJuwHc/j2qJW62/yCI6iw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3789
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.15, xch-aln-005.cisco.com
X-Outbound-Node: alln-core-3.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-and-github/pOdK9XI45E9LDUXOlCpYzz2r-1c>
Subject: Re: [Ietf-and-github] RobWilton review of draft-ietf-git-using-github-05
X-BeenThere: ietf-and-github@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of using GitHub in IETF activities, particularly for Working Groups" <ietf-and-github.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-and-github>, <mailto:ietf-and-github-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-and-github/>
List-Post: <mailto:ietf-and-github@ietf.org>
List-Help: <mailto:ietf-and-github-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-and-github>, <mailto:ietf-and-github-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Mar 2020 17:57:31 -0000

Hi Rob,

From: Ietf-and-github <ietf-and-github-bounces@ietf.org> On Behalf Of Rob Sayre
Sent: 13 March 2020 12:25
To: Rob Wilton (rwilton) <rwilton=40cisco.com@dmarc.ietf.org>
Cc: git-chairs@ietf.org; ietf-and-github@ietf.org; draft-ietf-git-using-github@ietf.org; The IESG <iesg@ietf.org>rg>; Martin Thomson <mt@lowentropy.net>et>; Christopher Wood <caw@heapingbits.net>
Subject: Re: [Ietf-and-github] RobWilton review of draft-ietf-git-using-github-05

On Fri, Mar 13, 2020 at 10:03 PM Rob Wilton (rwilton) <rwilton=40cisco.com@dmarc.ietf.org<mailto:40cisco.com@dmarc.ietf.org>> wrote:

My concern is less about losing the data (since that is being backed up), but more about losing control of an account/organization that is under the IETF's name.  I'm not sure what policies Github has for recovering an account/organisation that one loses control over, but I'm sure it would be hassle, and embarrassing.

How is this different from any other system the IETF might use?
[RW]

I’m not that familiar with all the IETF infrastructure or services that are used:

  *   If IETF is hosting stuff in the cloud, then I would imagine that relatively few folks have the owner/admin authorizations and they should already know to look after them carefully.
  *   For stuff being physically hosted by IETF then I presume that an admin could always disconnect them from the Internet, turn off the power, wipe the disk, etc.
  *   For other accounts, I suspect losing credentials is probably less impactful, but I don’t know what these services are.

In the github case, there are a few differences:

  *   The ADs and 150+ WG chairs may be less familiar about github and the security considerations – they may think that setting up 2FA isn’t worth the hassle.
  *   Over time it is plausible that github may host lots of IETF docs/drafts, and hence those documents may turn up more frequently in web searches.  If a prominent draft is in an account that IETF doesn’t control, then that draft could be modified in ways that cause problems and confusion.
  *   I don’t know how easy it is to get back control of a github account once you have lost it.  E.g. from https://help.github.com/en/github/authenticating-to-github/recovering-your-account-if-you-lose-your-2fa-credentials:



Warning: For security reasons, GitHub Support may not be able to restore access to accounts with two-factor authentication enabled if you lose your two-factor authentication credentials or lose access to your account recovery methods.

Thanks,
Rob




thanks,
Rob

v2.8.7 | Report a Bug | By Email