Feature request: E-mail notification about adding SSH key(s) on Phabricator should provide better message like Gerrit
Closed, Declined | Public

Description

I added two SSH keys here on this Phabricator. I got the same email two times:

image.png (672×1 px, 98 KB)

I suggest the format of the e-mail message should be something like what we have for Gerrit:

image.png (670×1 px, 129 KB)

Or something like what we already have for MediaWiki: https://translatewiki.net/wiki/MediaWiki:Notification-header-login-success/en

Event Timeline

greg triaged this task as Low priority. Oct 28 2018, 5:32 PM
greg edited projects, added Phabricator (Upstream), Upstream; removed Phabricator.
Aklapper lowered the priority of this task from Low to Lowest. Oct 28 2018, 6:14 PM
epriestley subscribed.

I'm not sure what makes the Gerrit message "better" here so I'm not sure what changes are desired. The Notification-header-login-success/en link also doesn't make what changes are desired clear to me. Is this task specifically asking for guidance to "contact your administrator"?

If you'd like upstream changes here, please:

  • be specific about what changes you want: key body? "contact an administrator" guidance?
  • be specific about why you want those changes: why is having the key body or guidance in the email useful or better?

@epriestley I think he means that it includes the public SSH key in the email (which is a safety feature).

Why is including the public key in the email a safety feature? (How does this make things safer?)

It allows the user to know if it's their key or not without going to the UI.

Can you walk me through a scenario, step by step, where having the public key in the email makes things safer than not having the public key in the email?

I didn’t write that feature :) (we are duplicating it for another thing) but from what I know it allows someone to identify the key that is added, thus knowing if someone has accessed their account and added a key.

See https://github.com/GerritCodeReview/gerrit/commit/251b1574d203b64ccb3fa6851fffed2c7f296921

I don't see how that commit explains why including the public key in the email is a safety feature, or what attack this feature is defusing, or why including the key is "better" than not including the key.

Just because another software package made a particular implementation decision doesn't automatically make that decision better or safer. For example, they may have included the public key to serve some obscure use case (unrelated to safety), and made it part of the default template to make testing easier. Or they may not have thought carefully about the decision at all, and just implemented it that way because it seemed reasonable.

If you want us to change the Phabricator upstream, it's important for us to understand why we're making a change. A reason like "Gerrit does it a certain way, so you should too" is not a good reason, and we will essentially never change Phabricator to work in a certain way only because other software works that way.

"it allows someone to identify the key that is added thus knowing if someone has accessed their account and added a key"

This doesn't make any sense to me as a motivation. Receiving the email allows users to do this whether the email includes the public key text or not.

Boldly declining due to no reply to epriestley's last comment and as no specific underlying problem has been presented that this request would solve.