W3C home > Mailing lists > Public > public-w3process@w3.org > January 2017

Re: Organizational policies related to github

From: Armin Haller <armin.haller@anu.edu.au>
Date: Mon, 23 Jan 2017 05:07:13 +0000
To: Jeff Jaffe <jeff@w3.org>, "chaals@yandex-team.ru" <chaals@yandex-team.ru>, Terence Eden <terence.eden@digital.cabinet-office.gov.uk>
CC: Norman Walsh <norman.walsh@marklogic.com>, "w3c-ac-forum@w3.org" <w3c-ac-forum@w3.org>, "public-w3process@w3.org" <public-w3process@w3.org>
Message-ID: <4A556A0A-7790-4406-8B14-CAACC0D0EB98@w3.org>
Hi Jeff,

Government agencies in Australia (we have three such members, DHS, DTA and ABS) in general do not whitelist Github and staff can only access it on their private machines. Not a huge issue, but just another blocker for Australians to participate (beyond the timezone issues).

Kind regards,

From: Jeff Jaffe <jeff@w3.org>
Date: Monday, 9 January 2017 at 5:27 pm
To: <chaals@yandex-team.ru>, Terence Eden <terence.eden@digital.cabinet-office.gov.uk>
Cc: Norman Walsh <norman.walsh@marklogic.com>, "w3c-ac-forum@w3.org" <w3c-ac-forum@w3.org>, "public-w3process@w3.org" <public-w3process@w3.org>
Subject: Re: Organizational policies related to github
Resent-From: <w3c-ac-forum@w3.org>
Resent-Date: Mon, 09 Jan 2017 06:27:31 +0000


I started this thread a little less than a week ago [1].

So far, I have received private information from two Members about github restrictions; both from government agencies or government related industries (from two different countries).

In one case, github is not on the whitelisted set of sites that can be used.  The workaround is to use one's private PC.

In the second case, policies are in flux.  There has not yet been a problem for this Member to access W3C information on github, but there had been some problem in getting access to an IETF WG.

That's all that I received, other than the comments about 2FA.


[1] https://lists.w3.org/Archives/Member/w3c-ac-forum/2017JanMar/0004.html

On 1/9/2017 12:32 AM, chaals@yandex-team.ru<mailto:chaals@yandex-team.ru> wrote:
OK, it sounds like there is enough that this isn't a blocker - and even if it were, the pace of process changes is probably slow enough to cope anyway. So the question is still whether there are members who really can't work with github. I still haven't seen any effort to determine that systematically, which I think we should undertake both as sanity check and courtesy.

I'll send a mail with a clear subject, and if we don't hear that there are problems I'll move forward with this…


05.01.2017, 09:35, "Terence Eden" <terence.eden@digital.cabinet-office.gov.uk><mailto:terence.eden@digital.cabinet-office.gov.uk>:
Github supports TOTP or SMS or Printed recovery codes

So you can have an authenticator app on your phone, tablet, watch...

You're not tied in to receiving SMS for your login codes.

On 5 January 2017 at 06:36, <chaals@yandex-team.ru<mailto:chaals@yandex-team.ru>> wrote:

03.01.2017, 19:14, "Norman Walsh" <Norman.Walsh@marklogic.com<mailto:Norman.Walsh@marklogic.com>>:
> Terence Eden <terence.eden@digital.cabinet-office.gov.uk<mailto:terence.eden@digital.cabinet-office.gov.uk>> writes:
>>  Our department requires that internal users have 2FA enabled.
> That seems like a plausible requirement for write access to me.

It does. Except that without a solution for easily swapping the number for second factor message nor free SMS everywhere, it's likely to be a reason for not making merges when I'm not at home. Which is fairly often.


Charles McCathie Nevile - standards - Yandex
chaals@yandex-team.ru<mailto:chaals@yandex-team.ru> - - - Find more at http://yandex.com<http://yandex.com/>

Terence Eden
Open Standards Lead
+44 7717 512 963<tel:+447717512963>
Government Digital Service
[age removed by sender.]

Charles McCathie Nevile - standards - Yandex
chaals@yandex-team.ru<mailto:chaals@yandex-team.ru> - - - Find more at http://yandex.com

Received on Monday, 23 January 2017 05:08:02 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 January 2017 05:08:04 UTC