Re: F23 Self Contained Change: Standardized Passphrase Policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Jun 23, 2015 at 12:21 PM, Jan Kurik <jkurik@xxxxxxxxxx> wrote:
> = Proposed Self Contained Change: Standardized Passphrase Policy =
> https://fedoraproject.org/wiki/Changes/Standardized_passphrase_policy

Um... how is this Self Contained?  If we're creating a standardized
distro wide policy, it is by definition not self contained.  Even if
the scope is limited only to the packages listed (which seems
pointless), it still isn't self contained.

josh

>
> Change owner(s):
> * Kevin Fenzi <kevin at scrye dot com>
> * David Cantrell <dcantrell at redhat dot com>
> * Tomas Mraz <tmraz at redhat dot com>
>
> Currently a number of places ask users to set passphrases/passwords. Some of them enforce some kind of rules for passphrases/passwords, others different rules. This change would create a common base policy for as many of these applications as possible, allowing for local users or products to override this base in cases they need to do so.
>
> == Detailed Description ==
> We should have a base passphrase/password policy for applications to use. This allows them all to be consistent and also provide our users with needed security. Additionally, we should make it possible for our users to adjust this base policy as they need depending on their use cases.
>
> The applications involved in this change should be at least:
> * anaconda - sets initial root and user passphrases/passwords.
> * passwd - command line utility that changes passphrases/passwords.
> * initial-setup - sets up users if they were not setup in anaconda.
> * libpwquality - doesn't set passwords, but should be used in common for quality checking in a consistent manner.
>
> We should provide a way for users or products to adjust this policy, and also a way to allow overriding it (if the policy allows).
>
>
> == Scope ==
> * Proposal owners: Will work with owners of these components to try and come up with a generic policy for passphrases/passwords and how to implement it, then get FESCo to approve this policy and then implement it.
> * Other developers: Will need to adjust applications and config to use a common set of requirements that can be overriden in one place.
> * Release engineering: None
> * Policies and guidelines: Will need to be approved by FESCo and FPC (not a System Wide Change)
> * Trademark approval: N/A (not needed for this Change)
>
> --
> Jan Kuřík
> _______________________________________________
> devel-announce mailing list
> devel-announce@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/devel-announce
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux