Mailinglist Archive: opensuse-features (208 mails)
| < Previous | Next > |
[openFATE 306625] automatic email alias, irc cloak, lizards data generation on users.o.o
- From: fate_noreply@xxxxxxx
- Date: Thu, 14 Apr 2011 01:19:11 +0200 (CEST)
- Message-id: <feature-306625-15@keeper.suse.de>
Feature changed by: Scott Couston (zczc2311)
Feature #306625, revision 15
Title: automatic email alias, irc cloak, lizards data generation on
users.o.o
Hackweek IV: Evaluation by project manager
Priority
Requester: Important
Requested by: Hendrik Vogelsang (hennevogel)
Requested by: Joe Brockmeier (jbrockmeier)
Project Manager: (Novell)
Engineering Manager: (Novell)
Partner organization: openSUSE.org
Description:
To be able to maintain the list of @opensuse.org email aliases,
freenode irc cloaks and lizards.o.o logins for members the openSUSE
board is looking for a ruby hacker willing to implement automatic
generation of aliases/cloaks in users.opensuse.org. users.o.o is a ruby
on rails application.
Each opensuse member has 2 email aliases (login@xxxxxxxxxxxx, forename.
surname@xxxxxxxxxxxx) an freenode IRC cloak and a wordpress login to
lizards.opensuse.org. At the moment this data is exported and imported
manualy to the different systems. What we would need is a way to make
this automatic and have the data changeable by the user.
Additionally the member check for contribution should be automized. We
check participation with the following defaults: bugzilla login, bugs,
wiki edits, user page, contrib on mls. An automatic check could shorten
the evaluation as well if it simply shows in a yes/no style if there is
any. And Zonker would like to see the adresses to be put in there as
well (yes, on a voluntary base) to have them if eg. people go to a
conference and get some stuff sent to.
Discussion:
#1: Pavol Rusnak (prusnak) (2009-08-27 16:08:59)
The whole users.o.o portal should be rewritten to include the features
like the ones we could find in launchpad.net (e.g.
https://launchpad.net/~stick84) or Fedora Accounts System.
(Uncomplete) Feature list (or the list of the user attributes):
* email contact
* jabber contact
* openpgp keys
* SSH keys
* openid logins
* spoken languages
* computer languages
* location + time zone
* group membership (packager, wiki editor, reviewer, board member, ...)
* avatar
* opensuse.org email aliases
* freenode irc cloaks
* ...
We'll discuss this in more detail during Multipliers Kickoff and I
would like to work on this afterwards.
#2: Scott Couston (zczc2311) (2011-04-03 04:27:42)
Preface: Please forgive my Verbose comment and/or suggestions here.
The following may well have already been undertaken, and if so: my
apologies. The main reason for my comment is that after 4 years I have
never seen any reference to any ISO; nor seen one adopted etc.. - I may
be horribly incorrect here
Well before we look at the functional nuts and bolts aspects to this
request, l would suggest that Policy needs discussion. The functional
creation of 'Connect' needs to function according to policy. If there
is a Policy Document and Functional Specification; please provide URL's
Rather than reinvent the wheel, I would suggest that a Data Policy
documents should follow the guidelines already available in various
ISO's. ISO- International Standards - Quality Assurance documents have
been in refinement for several decades as a result of the E.U meetings
in Brussels.
The ISO's are many and varied and cover manufacturing, construction,
marketing, mining, safe handling and storage of food, mining and
distribution of Rare Earth Minerals, I.T...and endless levels of any
creative development of Man!
http://www.questanalytical.com/Document%20Control/documentation.html
It is not unusual for an entity to follow parts of a few ISO's. - For
example the bulk of our I.T International Standards are covered in ISO
9002, 9004 (Off the Top of my head). I would suggest we examine the
existing ISO on the aspect of Data Security well before we construct
such an application - From what I have seen this may well be far too
late to bring the 'Connect' Applications' development into line with
International Standards of Data Security!
Online Databases containing vast amounts of personal information scream
out for having their design comply along International Data Security
Standards of Quality.
#4: Per Jessen (pjessen) (2011-04-13 08:03:33) (reply to #2)
"International Standards of Data Security" - to my knowledge, there are
no such standards. ISO9001 is about quality management, ISO27001 is
about information security, but that's different. Standards such as
HIPAA and PCI are not international nor do they really apply to
openSUSE.
+ #5: Scott Couston (zczc2311) (2011-04-14 01:18:48) (reply to #4)
+ Per, the above statement frightens the hell out of me....ISO are our
+ World Standard of both Quality and establishing the best processes to
+ fulfil it and to state fundamentals that must be included in design and
+ manufacturing markets. I would suggest you obtain the Index list from
+ Brussels ISO Office or just the net....Off the top of my head some of
+ the ISO's that made up our industry are taken from the following: ISO
+ 15489-1:2001 Information and documentation - Records management - Part
+ 1: General International Organization for Standardization / 01-Sep-2001
+ / 26 pages ISO/TR 15489-2:2001 Information and documentation - Records
+ management - Part 2: Guidelines International Organization for
+ Standardization (Technical Report) / 01-Sep-2001 / 46 pages ISO 19011:
+ 2002 Guidelines for quality and/or environmental management systems
+ auditing SO/IEC 90003:2004 Software engineering - Guidelines for the
+ application of ISO 9001:2000 to computer software International
+ Organization for Standardization/International Electrotechnical
+ Commission / 01-Feb-2004 / 54 pages
+ ISO's Apply to ever endeavour that man does, except in the US where
+ they have legislated Quality aspects after the SOX.litigation and loss
+ of data required legislation as the US Market could not reply on
+ everyone adhering to QA ISO...They dont use QA at all in the USA. -
+ They just legislate the holes in data security when something big falls
+ through it - I am very surprised you cannot recall the SOX...etc...
+ Legislation in the US as it represented the biggest enforceable bit of
+ legislation to effect ANY Country since history began purely on Data
+ Security had occurred ... http://en.wikipedia.org/wiki/Sarbanes%E2%80%
+ 93Oxley_Act (http://en.wikipedia.org/wiki/Sarbanes%E2%80%93Oxley_Act)
+ http://www.sox-online.com/basics.html http://www.soxlaw.com/index.htm
+ Your Analysis have the job of conforming to ISO and being aware of US
+ Legislation well before the Programmer writes the first line of code...
+ Bugzilla and all PMS Systems are designed to enforce quality, however
+ our current philosophy use negates all its benefit that it a PMS is
+ designed to do
#3: Scott Couston (zczc2311) (2011-04-13 04:18:01)
I am very alarmed at: The connect database is a default opt-in The
default visibility, clocked or otherwise, is either public or logged in
users. I am not specifically concerned with myself...but to have a opt-
in default for all users/members from old lists and the default
visibility being either public or logged in users is just asking for a
flood of complaints..I am not concerned with myself, my concerns are
about this project possibly hurting opensuse and its members.
I would suggest that urgent action be taken on ALL contact info be bulk
changed to private and for every member o the database to be emailed
requesting them to change add or modify their profile as they see fit!
This could be very ugly in my humble opinion
--
openSUSE Feature:
https://features.opensuse.org/306625
Feature #306625, revision 15
Title: automatic email alias, irc cloak, lizards data generation on
users.o.o
Hackweek IV: Evaluation by project manager
Priority
Requester: Important
Requested by: Hendrik Vogelsang (hennevogel)
Requested by: Joe Brockmeier (jbrockmeier)
Project Manager: (Novell)
Engineering Manager: (Novell)
Partner organization: openSUSE.org
Description:
To be able to maintain the list of @opensuse.org email aliases,
freenode irc cloaks and lizards.o.o logins for members the openSUSE
board is looking for a ruby hacker willing to implement automatic
generation of aliases/cloaks in users.opensuse.org. users.o.o is a ruby
on rails application.
Each opensuse member has 2 email aliases (login@xxxxxxxxxxxx, forename.
surname@xxxxxxxxxxxx) an freenode IRC cloak and a wordpress login to
lizards.opensuse.org. At the moment this data is exported and imported
manualy to the different systems. What we would need is a way to make
this automatic and have the data changeable by the user.
Additionally the member check for contribution should be automized. We
check participation with the following defaults: bugzilla login, bugs,
wiki edits, user page, contrib on mls. An automatic check could shorten
the evaluation as well if it simply shows in a yes/no style if there is
any. And Zonker would like to see the adresses to be put in there as
well (yes, on a voluntary base) to have them if eg. people go to a
conference and get some stuff sent to.
Discussion:
#1: Pavol Rusnak (prusnak) (2009-08-27 16:08:59)
The whole users.o.o portal should be rewritten to include the features
like the ones we could find in launchpad.net (e.g.
https://launchpad.net/~stick84) or Fedora Accounts System.
(Uncomplete) Feature list (or the list of the user attributes):
* email contact
* jabber contact
* openpgp keys
* SSH keys
* openid logins
* spoken languages
* computer languages
* location + time zone
* group membership (packager, wiki editor, reviewer, board member, ...)
* avatar
* opensuse.org email aliases
* freenode irc cloaks
* ...
We'll discuss this in more detail during Multipliers Kickoff and I
would like to work on this afterwards.
#2: Scott Couston (zczc2311) (2011-04-03 04:27:42)
Preface: Please forgive my Verbose comment and/or suggestions here.
The following may well have already been undertaken, and if so: my
apologies. The main reason for my comment is that after 4 years I have
never seen any reference to any ISO; nor seen one adopted etc.. - I may
be horribly incorrect here
Well before we look at the functional nuts and bolts aspects to this
request, l would suggest that Policy needs discussion. The functional
creation of 'Connect' needs to function according to policy. If there
is a Policy Document and Functional Specification; please provide URL's
Rather than reinvent the wheel, I would suggest that a Data Policy
documents should follow the guidelines already available in various
ISO's. ISO- International Standards - Quality Assurance documents have
been in refinement for several decades as a result of the E.U meetings
in Brussels.
The ISO's are many and varied and cover manufacturing, construction,
marketing, mining, safe handling and storage of food, mining and
distribution of Rare Earth Minerals, I.T...and endless levels of any
creative development of Man!
http://www.questanalytical.com/Document%20Control/documentation.html
It is not unusual for an entity to follow parts of a few ISO's. - For
example the bulk of our I.T International Standards are covered in ISO
9002, 9004 (Off the Top of my head). I would suggest we examine the
existing ISO on the aspect of Data Security well before we construct
such an application - From what I have seen this may well be far too
late to bring the 'Connect' Applications' development into line with
International Standards of Data Security!
Online Databases containing vast amounts of personal information scream
out for having their design comply along International Data Security
Standards of Quality.
#4: Per Jessen (pjessen) (2011-04-13 08:03:33) (reply to #2)
"International Standards of Data Security" - to my knowledge, there are
no such standards. ISO9001 is about quality management, ISO27001 is
about information security, but that's different. Standards such as
HIPAA and PCI are not international nor do they really apply to
openSUSE.
+ #5: Scott Couston (zczc2311) (2011-04-14 01:18:48) (reply to #4)
+ Per, the above statement frightens the hell out of me....ISO are our
+ World Standard of both Quality and establishing the best processes to
+ fulfil it and to state fundamentals that must be included in design and
+ manufacturing markets. I would suggest you obtain the Index list from
+ Brussels ISO Office or just the net....Off the top of my head some of
+ the ISO's that made up our industry are taken from the following: ISO
+ 15489-1:2001 Information and documentation - Records management - Part
+ 1: General International Organization for Standardization / 01-Sep-2001
+ / 26 pages ISO/TR 15489-2:2001 Information and documentation - Records
+ management - Part 2: Guidelines International Organization for
+ Standardization (Technical Report) / 01-Sep-2001 / 46 pages ISO 19011:
+ 2002 Guidelines for quality and/or environmental management systems
+ auditing SO/IEC 90003:2004 Software engineering - Guidelines for the
+ application of ISO 9001:2000 to computer software International
+ Organization for Standardization/International Electrotechnical
+ Commission / 01-Feb-2004 / 54 pages
+ ISO's Apply to ever endeavour that man does, except in the US where
+ they have legislated Quality aspects after the SOX.litigation and loss
+ of data required legislation as the US Market could not reply on
+ everyone adhering to QA ISO...They dont use QA at all in the USA. -
+ They just legislate the holes in data security when something big falls
+ through it - I am very surprised you cannot recall the SOX...etc...
+ Legislation in the US as it represented the biggest enforceable bit of
+ legislation to effect ANY Country since history began purely on Data
+ Security had occurred ... http://en.wikipedia.org/wiki/Sarbanes%E2%80%
+ 93Oxley_Act (http://en.wikipedia.org/wiki/Sarbanes%E2%80%93Oxley_Act)
+ http://www.sox-online.com/basics.html http://www.soxlaw.com/index.htm
+ Your Analysis have the job of conforming to ISO and being aware of US
+ Legislation well before the Programmer writes the first line of code...
+ Bugzilla and all PMS Systems are designed to enforce quality, however
+ our current philosophy use negates all its benefit that it a PMS is
+ designed to do
#3: Scott Couston (zczc2311) (2011-04-13 04:18:01)
I am very alarmed at: The connect database is a default opt-in The
default visibility, clocked or otherwise, is either public or logged in
users. I am not specifically concerned with myself...but to have a opt-
in default for all users/members from old lists and the default
visibility being either public or logged in users is just asking for a
flood of complaints..I am not concerned with myself, my concerns are
about this project possibly hurting opensuse and its members.
I would suggest that urgent action be taken on ALL contact info be bulk
changed to private and for every member o the database to be emailed
requesting them to change add or modify their profile as they see fit!
This could be very ugly in my humble opinion
--
openSUSE Feature:
https://features.opensuse.org/306625
| < Previous | Next > |