[csw-maintainers] [policy] GPG Signing Key handling
Ben Walton
bwalton at opencsw.org
Thu Feb 10 05:04:38 CET 2011
Excerpts from Peter FELECAN's message of Wed Feb 09 03:43:09 -0500 2011:
Hi Peter,
> > A question then should also be raised of whether "the board" is
> > expected to hold a copy of *all* digital assets at all times.
> > For example, the root password, and database master passwords, for
> > every machine and service associated with opencsw. Currently, "the
> > board" does not hold such things in a formal sense, and as far as I
> > have heard, has no plans to do so as "a policy".
>
> You brought up a very interesting issue and I think that indeed the
> board must have the root password and database master
> passwords. However, this is not in the scope of this discussion.
I agree with you on the database passwords (and other passwords of
similar nature), but as I mentioned in my reply to Phil, I'm not sure
it is the right of the OpenCSW foundation to demand root passwords for
equipment that we don't own.
We're privileged to have these resources dedicated to our use. None
of the sponsors are required to do this. It doesn't hurt to ask, but
I personally would not want to force the issue if they say no. If we
make demands such as this, they may reconsider their charity. Please
let me know if you feel otherwise.
Thanks
-Ben
--
Ben Walton
Systems Programmer - CHASS
University of Toronto
C:416.407.5610 | W:416.978.4302
More information about the maintainers
mailing list