Changes between Version 1 and Version 2 of org/meetings/2017Montreal/Notes/BusFactor


Ignore:
Timestamp:
Oct 15, 2017, 8:39:50 PM (21 months ago)
Author:
qbi
Comment:

added comments, formatted page

Legend:

Unmodified
Added
Removed
Modified
  • org/meetings/2017Montreal/Notes/BusFactor

    v1 v2  
    1 Bus factor session
    2 ==================
     1
     2== Bus factor session ==
    33
    44Date: 13/10 2017.
     
    2323details of our setup. The group introduces the session topic to Jens.
    2424
    25 - The backup setup is currently at Hetzner. We discuss geographical
     25- The backup setup is currently at Cymru. We discuss geographical
    2626  distribution. We discuss problems related to having everything at
    2727  Hetzner: what happens if the company goes bankrupt? The entire network
    28   is down in multiple data-centers.
     28  is down in multiple data-centers. Cymru is a different place than Hetzner, so it is distributed.
    2929
    3030Nick mentions that there is a central file of our hosts and the puppet
     
    6060Rob or Sina might be our contact for this.
    6161
    62 ## PGP Keys
     62=== PGP Keys ===
    6363
    6464Roger moves over to talking about PGP keys.
     
    7070We need to identify if there are pins for the PGP keys for Tor browsers.
    7171
    72 ## External Services
     72=== External Services ===
    7373
    7474Nick mentions that there are accounts on different services, for
     
    7979creation of the account. Nick or Roger have to approve it. We never
    8080delete accounts right now - should maybe change?
     81- Requirements for new accounts: https://help.torproject.org/tsa/doc/accounts/
    8182
    8283Mailman: Nick, Damian, Roger, Jens, and Weasel have access to this. We
    8384need some documentation about how mailman is used.
     85- The mailman wiki is a good source of documentation: https://wiki.list.org/ What else do we need?
    8486
    8587Nick mentions that we could do an "audit" where we go over our puppet
     
    9496like grants.gov that Brad might have access to.
    9597
    96 ## Software Development
     98=== Software Development ===
    9799
    98100We have projects with one maintainer that signs releases, but its
     
    106108is also mentioned that everyone should be able to go on vacation.
    107109
    108 ## Trust Bottlenecks
     110=== Trust Bottlenecks ===
    109111
    110112Roger mentions that, for example, if Nick is the only one announcing Tor
     
    117119goes on vacation and we need to contact the auditors.
    118120
    119 ## Physical Security
     121=== Physical Security ===
    120122
    121123Nick mentions that it is good that with Git as part of the software
     
    123125repository with commits, etc.
    124126
    125 ## Personal Contacts
     127=== Personal Contacts ===
    126128
    127129How we do we ensure that people knows different people that we depend
     
    146148Generally things would be "OK" for most people (not the sysadmins!).
    147149
    148 ### What happens if someone attacks the directory authorities?
     150==== What happens if someone attacks the directory authorities? ====
    149151
    150152We currently need at least 5 of them online to work. How well are these
     
    159161the directory authority people should talk about.
    160162
    161 ## History in the org
     163=== History in the org ===
    162164
    163165We haven't documented very well when things happened historically to
     
    169171Taylor mentions that there are historians who are interested in
    170172technical "companies" and document their history. This is focused
    171 especially on oral stories that are very known by Poul, Nick, and Roger.
     173especially on oral stories that are very known by Paul, Nick, and Roger.
    172174
    173175Shari mentions if this would be an interesting internship opportunity
     
    176178might know someone here?
    177179
    178 ## Metrics single point of failures
     180=== Metrics single point of failures ===
    179181
    180182The metrics team used to have some cron jobs that was troublesome.
     
    193195able to use.
    194196
    195 ## Collaborators on projects
     197=== Collaborators on projects ===
    196198
    197199This should be possible to find out by going over Tommy's list.
    198200
    199 ## Hiring Tor sysadmin
     201=== Hiring Tor sysadmin ===
    200202
    201203This is a problem in that we cannot just send out an open letter to
     
    205207access to the systems.
    206208
    207 ## The donation infrastructure
     209=== The donation infrastructure ===
    208210
    209211The donation infrastructure is independent of normal infrastructure (run
     
    211213this. Giant Rabbit is running the service.
    212214
    213 ## Board bottlenecks
     215=== Board bottlenecks ===
    214216
    215217We do not believe we have any board bottlenecks.
    216218
    217 ## What happens if the ED leaves
     219=== What happens if the ED leaves ===
    218220
    219221We would go to brad and ewyatt and ask them for what to do?
     
    224226bank account?
    225227
    226 ## Social bottlenecks
     228=== Social bottlenecks ===
    227229
    228230We need to be sure that if key employee leaves that things are passed on
     
    232234what knowledge they have that might not be shared.
    233235
    234 ## Torservers.net
    235 
    236 If Moritz disappears what happens here? Juris is the backup person.
     236=== Torservers.net ===
     237
     238If Moritz disappears what happens here? Juris and qbi are the backup persons.
    237239Colin is helping out.
    238240
     
    240242flows to country-based NFP orgs that runs relays.
    241243
    242 ## How do we handle an attack?
     244=== How do we handle an attack? ===
    243245
    244246- Ensure we have two people that is able to do the work.
     
    246248  different times.
    247249
    248 ## Physical documentation storage
     250=== Physical documentation storage ===
    249251
    250252Nick mentions that it is possible to print documents and store them
     
    254256for storing on papers.
    255257
    256 Action item
    257 ===========
     258== Action item ==
     259
    258260
    259261- We need a better password management solution than the one we have in