Page MenuHomePhabricator

Security Credentialing Efforts
Closed, ResolvedPublic

Description

The purpose of this Epic is to consolidate all Security Credentialing Tasks together in order to bring visibility to ensure there are not duplicate efforts and to allow structure to the traction of the tasks.

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 7 2019, 3:43 PM
sbassett triaged this task as Medium priority.Jan 7 2019, 4:18 PM
Aklapper removed a subscriber: Security-Team.

So there's a tag where a lot of password/credential-related tasks are tracked: https://phabricator.wikimedia.org/project/board/148/. But similar to Security, it's fairly noisy. Some recent password/credential-related tasks have been public (e.g. the proposed haveibeenpwned service T189641), though many others are security-protected for obvious reasons. If we'd like to track those here, we may want to consider making this a security-protected task as well, at least for the time being. There's also a fairly enormous body of password/credential-related tasks in various states of decay from the past decade or so. Some of these do seem to have recent, relevant discussions on them, but many are probably too stale for what we would want to track here.

Bawolff added a subscriber: Bawolff.Jan 7 2019, 4:38 PM

If you make an existing security task be a child task of a public task, it will only show up when people have rights to view, so it all works out fine.

Right, I just meant more for sanity's sake and in case discussion from any of those tickets accidentally wandered over here :)

Jcross closed this task as Resolved.Sep 23 2019, 4:42 PM
Jcross claimed this task.
Jcross added a subscriber: Jcross.

Resolving for the time being. Will revisit should the desire to pursue arise.