"Pierre-Yves Rofes" <p...@gentoo.org> posted
a4345526fd26a2a6f5dd3cccb4e9767d.squir...@mail.rofes.fr, excerpted below,
on  Tue, 10 Mar 2009 11:21:55 +0100:

>> We don't want some still active authorization and key
>> from two years ago getting stolen and used to try to slip a bad commit
>> under the radar [...]
> 
> With some devs reviewing gentoo-commits@, I highly doubt that this
> commit could go unnoticed more than a few hours.

That's a relatively new and very good change, and may indeed change the 
thinking on this one, some.  But why even risk that when (as rane just 
posted) there's all deliberate effort to contact on the way out and a 
fast return, for someone who hasn't put an away up, has ignored the 
contact efforts or, after being contacted, said "yes, retire me", and who 
hasn't had any commits in months already, with no indication that's going 
to change?

Can you imagine the PR on even a few hours' breach, when it turns out 
they'd been inactive for years, but their login was still active?  Would 
you want it to be /your/ machines affected?

Yes, it can happen with even active devs, but the risk is considered 
worth it there.  But devs that have been inactive for months or years, 
and who have ignored contacts or even asked to be retired after the 
contact?  IMO that's needless risk, (almost) entirely downside (with 
"almost" in there only as a CYA on an otherwise absolute "entirely"), 
especially when reuptake is (as posted) so fast.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman
