On Thu, Sep 15, 2022 at 5:55 PM Kevin Fenzi <kevin@xxxxxxxxx> wrote: > > On Thu, Sep 15, 2022 at 09:26:36AM +0300, Alexander Bokovoy wrote: > > > > Proven packagers seem to be a fair category to address. Also packagers > > responsible for security-related bits of the distribution. Compilers? Perhaps any packager who has a package in one of the critical path lists? That number (of package(r)s) may be a bit large, though, for an initial cut (as I recall, the total number of critical path packages is around 1000 in rawhide, although I have no idea how many packagers that is). > As far as I know, it's not possible to enforce otp per group is it? > That would be a nice enhancement. Especially if one would like that any enforcement be semi-automatic rather than one more manual step when adding people to groups. > > Though with Token2 FIDO2 tokens that cost 14EUR themselves we get close > > enough to a lower boundary. > > Yeah, it will still be hard to require 100% of packagers, but it might > be doable. And, as has been previously pointed out, it is also possible (although depending on the implementation not as secure) to use other pkcs11 backends, including software implementations. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
