Here are some notes taken from the CERN pre-dojo meeting from last week : <paste> Allow SIGs to have separate accounts for build bots - separate user accounts from "bot" accounts for security reasons - [proposal] have an email alias (not list) per sig for the bots, like sig-<bla>@centos.org pointing to the SIG's chair - [proposal] SIG chair must request or approve email alias requests/ ACO account creation sent to CentOS Board chairman </paste> So, (as also discussed yesterday in the CBS meeting - https://www.centos.org/minutes/2017/October/centos-devel.2017-10-23-14.01.log.html) The proposal would be to create a @centosproject.org (or @centos.org) email alias, that would go to SIG chair, and that would be used to create an account on https://accounts.centos.org While we can manually generate x509 cert with longer validity period, we discussed the fact that using centos-cert just takes 2 seconds every 6 months, so SIG members who were present didn't find it a real issue. (email notifications go to SIG chair - and/or other members ? - in advance so easy to follow) That's probably the workflow people use already anyway, while Brian confirmed that longer-term a proper credentials store would be on the roadmap, but soon. -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20171024/2deb22f9/attachment-0007.sig>