[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Ambassadors] Summary of decision at today's FAmSCo meeting: Inactive Ambassadors



As you'll see in the forthcoming meeting minutes, FAmSCo voted on dealing with inactive Ambassadors in this weeks meeting. There were other discussions that occurred at the FAmSCo meeting, but not decision was made, this summary is limited to how FAmSCo voted to handle inactive Ambassadors. You may recall that over the years that this discussion has regularly popped up on the Fedora list. One of the problems that was consistently faced, in those discussions was a means of determining whether an Ambassador was active or not. It was often hard to tell what was going on in the regional or local space, and the large variety of ways of being active within the scope of the Ambassadors subproject.. An arbitrary standard that could be applied to all fairly was a missing piece. There have also been attempts in multiple regions to confirm whether an Ambassador is active by sending them an email and asking them to respond, these met with what can at best be described as marginal success. For better or worse, that has left us with no good way to regularly maintain membership like other subprojects such as Art and Package Maintainers have in place. Recently however Fedora's Infrastructure team forced a password reset to mitigate a security vulnerability. This involved sending out numerous emails notifiying and reminding people of the fact that this password reset was mandatory and failure to act would result in their Fedora account being marked inactive and thus unusable unless a password reset occurred. This effectively meant that all Fedora services (Talk, wiki edits, cvs, fedorahosted, etc) were unavailable to people who chose to ignore the repeated directions. This provided us with an ideal arbitrary, test that was easy to apply to everyone, and provides something far more manageable than "I'm here" messages.
To give you an idea of the scope of the problem, we asked Infrastructure to tell us how many Ambassador accounts were marked inactive. Out of 772 Ambassadors 300 of them were marked inactive. I was honestly shocked it was that high, but really given that we are 3 years into this project it doesn't surprise me that this is the case. It is natural in any project for people to leave or become disinterested.

FAmSCo voted on the following proposal in its regularly scheduled meeting this week:
That FAmSCo direct the Ambassador Membership Service to request from Infrastructure a list of all users who are Ambassadors and whose account has remained inactive for a period of greater than 30 days after a password reset, and further that FAmSCo direct the Membership Service to purge said users from the Ambassadors list

At the time 5 members of FAmSCo were present, and 5 +1's were recorded, and thus the proposal passed. FAmSCo realizes this is a topic that has and will likely continue to cause much consternation. So I'll note a few points. This in no way stops a person from re-applying to the Ambassadors should they find themselves purged under this policy. I fully expect that no one who reads this will be hindered by this policy as it is still possible to reset your password and thus change your account to an active state. (go here to do that: https://admin.fedoraproject.org/accounts/login) In all honesty there was discussion that we should wait on Infrastructure and let them do the purging. (Infrastructure has indicated to FAmSCo that in the coming months they will be removing all groups from a Fedora Account that is inactive in order to truly mitigate the security risk.) As easy as that would have been to do, global policy for the Ambassadors project is the responsibility of FAmSCo and we won't shirk that duty. I am sure there will be a flurry of questions and comments about this policy. I encourage you to post to this thread or another on the mailing list. That said please feel free to contact me or any member of FAmSCo directly via email or find us on IRC.


David Nalley

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]