[Noisebridge-discuss] Handing out access tokens
Torrie Fischer
tdfischer at hackerbots.net
Wed Jan 21 04:32:07 UTC 2015
Hei.
Lets talk about access tokens at the space again?
Henner recently reinstalled the RFID entry system for the space. It currently
only handles the upstairs door, which is probably fine since its considered
"weird" to not have a downstairs key to Noisebridge.
Last I checked, the list of upstairs keyholders remains the same. There was
also some really intense discussion in previous months (and even today) about
how to handle handing out access tokens. Lets figure this out and get on the
same page again, yeah?
As I understand it, consensus is currently that tokens have (or should have)
three bits:
* those who can give out new tokens
* those who can unlock the door 24/7
* those who can unlock the door during "open hours"
I don't quite remember if thats whats implemented in the RFID system, but
folks are welcome to peruse the sources:
https://github.com/hzeller/rfid-access-control
Additionally, it is my understanding that tokens should have some sort of
parent-child relationship, where invalidating one person's token will cut off
access to all the children tokens.
Does this seem right to everyone? Is that cool?
If so, I'm totally open to handing out unprivileged only-opens-the-door-
during-open-hour tokens to more people who ask for one and I've got some
minimal trust in them. I'm not someone to give out 24/7 or token-granting-
ability without some close understanding of mutual trust with the other party
that they are also trusted by many others.
More information about the Noisebridge-discuss
mailing list