On Fri, Feb 19, 2010 at 11:54 AM, Kevin Buley <kevin@buley.org> wrote:
Grr, Droid won't let me snip. Wrt multiple founders, I believe this would lead to a >lot of fighting over settings, etc. Who has the power to add and remove >founders? If more than one person then you'll have takeovers. If a single >person, then you're back to the same scenario as having a founder and sops.
I would suggest that only the person to know the channel password can change the channel password, change the official 'owner of record' for the channel as listed in CS INfO, or /CS DROP the channel. Three actions reserved for a person who knows the channel password. I doubt it would lead to fighting over settings, because the founder can pick additionals they trust. Think of this as giving a neighbor the keys to your house, but not the deed or certain legal rights (such as the authority to bring in a demolition crew and destroy it); this is useful if you go on vacation or something. Yes they can really hurt you in certain ways, but you trust them not to. Even though you gave them (essentially) full unsupervised access. What's significant is you make all or almost all technical abilities available to them, and that is an act of trust. You communicate the intent regarding what they accomplish using that access, what things they accomplish, precautions they should take, things they should not do, etc. You also still own the house., and you can have the locks changed later (if necessary). But your additional founder is essentially "you" when you are not there. Because most founders cannot be available 24/7. Multiple founders or managers does not necessarily mean channels need [or want] multiple owners of record. It could be used to reduce the access level of "shared founders", eliminate password sharing, and therefore improve security. Currently secondary or co-founders have to be given the channel password, in order to be able to change any settings. Unless the founder wants to risk using UNSECURE mode and /NickServ ACCESS list. Either method is not ideal, and reduces security in its own way. For example: currently, if you want to let someone else delete a SOP in an emergency, or do other things like mlock +m. You must give them the channel password. This allows them to also do things like DROP the channel or lock you out. In event case of dispute or abuse, I would expect the owner of the channel password to be able to revoke additional founders' access. But I doubt it would come to that often. -- -J