Orbit eTOG Listing Service: RFC-47 Security with Growing eTOG Access
Description: As access to my eTOG assigning authority has grown, I've become less comfortable with my assignments on some secure TOGs.
I think it would be cool if we could find some sort of solution where the visibility of a secure assignment is limited only to the individuals within the assigning authority at the moment of the secure assignment being made, but I think this would require individual accounts which seems unpleasant. Example: John and sprUnkus are part of assigning authority X. John gets added to secure TOG T+FFFE under assigning authority X. sprInkus gets added to assigning authority X. sprInkus cannot see John's assignment, but sprUnkus can. !!closed!!
Comments:
- I don't see a way to do this without individual accounts. It wouldn't be that onerous to do individual accounts if the commonly held view is that we want that
- I imagine the way to do this would be make existing AA accounts into 'stem' accounts that give you the ability to create your own but not interact directly. Then people with credentials would be migrated to creating and using their own accounts as they next try to make a change
- two concerns: 1 that's inconvinent because then you have to remember a username/password and 2. would we expose the authorship information or just the stem AA? I think just the stem AA personally since "who the fuck did that" is part of the fun
- Resolved: use codenames
Home