[Noisebridge-discuss] Handing out access tokens

Torrie Fischer tdfischer at hackerbots.net
Wed Jan 21 04:32:07 UTC 2015


Hei.

Lets talk about access tokens at the space again?

Henner recently reinstalled the RFID entry system for the space. It currently 
only handles the upstairs door, which is probably fine since its considered 
"weird" to not have a downstairs key to Noisebridge.

Last I checked, the list of upstairs keyholders remains the same. There was 
also some really intense discussion in previous months (and even today) about 
how to handle handing out access tokens. Lets figure this out and get on the 
same page again, yeah?

As I understand it, consensus is currently that tokens have (or should have) 
three bits:

* those who can give out new tokens
* those who can unlock the door 24/7
* those who can unlock the door during "open hours"

I don't quite remember if thats whats implemented in the RFID system, but 
folks are welcome to peruse the sources:

https://github.com/hzeller/rfid-access-control

Additionally, it is my understanding that tokens should have some sort of 
parent-child relationship, where invalidating one person's token will cut off 
access to all the children tokens.

Does this seem right to everyone? Is that cool?

If so, I'm totally open to handing out unprivileged only-opens-the-door-
during-open-hour tokens to more people who ask for one and I've got some 
minimal trust in them. I'm not someone to give out 24/7 or token-granting-
ability without some close understanding of mutual trust with the other party 
that they are also trusted by many others.


More information about the Noisebridge-discuss mailing list