On Wed, 29 Jul 2015 02:14:27 -0500 (CDT) Michael Hennebry <hennebry@xxxxxxxxxxxxxxxxxxxxx> wrote: > On Tue, 28 Jul 2015, Kevin Fenzi wrote: > > > On Tue, 28 Jul 2015 17:39:55 -0500 (CDT) > > Michael Hennebry <hennebry@xxxxxxxxxxxxxxxxxxxxx> wrote: > > > >>> The above is stuff thats all being worked on, yelling at anyone is > >>> unlikely to change the speed at which it gets done. > >> > >> What does "worked on" mean? > > > > I have been talking with pam, libpwquality, anaconda, > > gnome-initial-setup and passwd maintainers to come up with a > > technical way to implement a default policy. As well as a way to > > override it for local users or products that wish a different > > policy. > > If "local users" means people typing in passwords, that is good. It means local authentication. As opposed to say a password in a remote freeipa server or the password to your google account or the like. > That would be good, but from what I can see, > the proposal does not specify a particular behavior. > It specifies parameters from which a policy can be generated. I'm not sure I am able to parse your meaning there. > No one was worried that there might not be a distro-wide policy. > The worry was that the policy would be truly annoying. ok, but perhaps you could wait until there is a policy to decide that? Many things could be anoying someday somehow. > If "users ... overriding it" means that the person > typing in the password can just say yes, that is good. > If anaconda's policy does not allow, that would be bad. Yes, the person will be able to see "Your password is too simple" Or "Your password is based on a dictionary word" or "Your password is in this list of 10,000 cracked passwords from other sites on the net" or whatever and then they can decide to just use that poor password anyhow. > From what I can tell, anaconda might be shipped with a policy that > requires 666-character passwords and does not allow the user to just > say yes. Hyperbole. ;) > The *decision* to fix the annoyance that started > this discussion does not require waiting for fesco. > The anaconda folks can, if they so desire, make anaconda > warn about bad passwords without necessarily rejecting them. > It's possible that the anaconda folks promised to do just that. > If so, I missed it. > A pointer to said promise would be good news. Sure, anaconda developers can choose to do whatever they like, and in the absence of a distro wide policy they did so. > I've seen at least one case of vehemence > over clarity by a professional writer. > In the heat of the utterance, neither said writer nor most of his > readers noticed that he had not quite stated what they thought he had. I'm not following here... > A sufficiently annoyed anaconda person might respond > with vehemence that they are working on it. > Not very informative if the reader suspects that they > do not share the same judgement of the status quo. > "working on it" might mean setting the status quo in stone*. Well, sure, thats the case in any open source project. You as a user of that project are welcome to try and convince the people doing work to change things to what you desire. If you fail to do this, then it will not get done. After a decision has been made to you suppose more and more queries to change the decision will go well? > > I appreciate that this is a very hot button issue for some folks, > > and I also appreciate that you want a solution 2 weeks ago, but I'm > > doing the best I can here to move us all to a nice standard distro > > policy and we aren't even at alpha yet. > > Again, the issue was never "how fast are we getting a policy?". > The issue was always "what policy are we getting?". > > How many people usually participate in alpha? No idea. Stats are very hard to come by for lots of reasons. kevin
Attachment:
pgpPZ8DvSan77.pgp
Description: OpenPGP digital signature
-- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test