[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-project] email interface for Trac: a proposal

To: tor-project@xxxxxxxxxxxxxxxxxxxx, hiro@xxxxxxxxxxxxxx
Subject: Re: [tor-project] email interface for Trac: a proposal
From: David Goulet <dgoulet@xxxxxxxxx>
Date: Fri, 9 Dec 2016 13:09:34 -0500
In-reply-to: <4bca7a6e-95fa-d07f-993c-5d9317c1ea41@torproject.org>
List-id: "Moderated discussion list for tor contributors." <tor-project.lists.torproject.org>
References: <4bca7a6e-95fa-d07f-993c-5d9317c1ea41@torproject.org>
Reply-to: tor-project@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-project" <tor-project-bounces@xxxxxxxxxxxxxxxxxxxx>

On 09 Dec (18:54:32), Silvia [Hiro] wrote:
> Hi everyone,
> 
> I have been working my way through a wish list of Trac features, and
> started from implementing an interface to create and reply to tickets
> via email.
> 
> I now have a simple prototype, but before proceeding I'd like to receive
> some feedback on my proposal so far.
> 
> So here is my masterplan:
> 
> 1. Verify that the email is signed and the signature is recognised. For
> the moment and during the first pilot we could restrict this feature to
> @tpo addresses and verify the key w/ the info we have in db.tpo. Further
> on, we can verify the key by importing eventually missing keys from
> known keyservers.
> 
> I am implementing step 1 through procmail and a simple script.
> 
> 2. If the email has a valid signature, check permissions for the users,
> parse the email and create the ticket or reply to a thread.

One thing here that could block a user is the GPG key expiration. If the key
is expired, I guess the validation should fail but would be nice that the user
gets a meaningful message at that point.

In that case, this setup will need to have a quick way to retrieve a key that
is in the database but not working (expired). Not sure how to pull that off
but I'll let you think about it :).

I personally like this validation so we avoid unauthenticated SPAM on our trac
which is already bad enough sometimes with cypherpunks account.

Thanks hiro!
David

> 
> I am implementing step 2 through a python script, so that I can
> interface directly with Trac libraries.
> 
> Note that I am assuming that I am receiving somehow the email on the
> server. For testing purpose I have been configuring postfix, but this of
> course might change in prod.
> 
> A couple of questions I now have.
> 
> - Do you have any particular concern with this setup?
> 
> - Anything I should consider when introducing a change in a tpo
> infrastructure machine?
> 
> One last thing: the architecture is simple enough but I'd like to share
> my scripts and procmail setup, so that you can all have a look. Can I
> get a git repo for this project?
> 
> Thanks,
> 
> - s
> 
> 
> 
> _______________________________________________
> tor-project mailing list
> tor-project@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

Attachment: signature.asc
Description: PGP signature

_______________________________________________
tor-project mailing list
tor-project@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

Follow-Ups:
- Re: [tor-project] email interface for Trac: a proposal
  - From: Peter Palfrader

References:
- [tor-project] email interface for Trac: a proposal
  - From: Silvia [Hiro]

Prev by Author: Re: [tor-project] Many bridges (22%) have nickname "ki"
Next by Author: [tor-project] Adding a "General" component to Trac
Previous by thread: [tor-project] email interface for Trac: a proposal
Next by thread: Re: [tor-project] email interface for Trac: a proposal
Index(es):
- Author
- Thread