[MLB-WIRELESS] Authority to change website question sparked by SSL debate
Mike Everest
mw at freenet.net.au
Mon Jul 30 12:35:57 EST 2012
G'day,
The order should probably be reversed ;-)
Fix the update procedures (nothing gets done until that is sorted ;-), then
fix google map API (there is a definite deadline there), and then sort out
the SSL.
Or, since you apparently have the time, ability and motivation to do
something now, just go ahead and do it in any manner that raises no
significant objections ;-)
I'm happy to assist with web site and application updates (I am familiar
with google API, and I maintain a few php applications myself - including
our online store) but I just need assistance in setting up my IDE to work
properly with that server. I attempted it once before, but couldn't get the
damn thing to work properly. It's probably time to have another crack at
it.
Cheers!
-----Original Message-----
From: melbwireless-bounces at lists.wireless.org.au
[mailto:melbwireless-bounces at lists.wireless.org.au] On Behalf Of Steven
Haigh
Sent: Monday, 30 July 2012 10:47 AM
To: melbwireless at lists.wireless.org.au
Subject: Re: [MLB-WIRELESS] Authority to change website question sparked by
SSL debate
Hi Mike,
I kind of agree with you here - but I'm mainly focussing on the processes we
should be following at this point. Obviously, people had issues with moving
to SSL only. While I don't quite understand the reasoning, they are entitled
to have an issue with it and we'll find a compromise somewhere.
What I believe is worthwhile now is to try and at least figure out the least
objectionable path we take when making changes to the site. Sadly, the
coders at wireless.org.au mailing list has been deadly quiet - with nobody
looking at reviewing code changes or even offering insight. In my mind, this
means it is broken and we need to agree on another way to make things work.
I do know of people that have submitted changes to the site only for the
changes to be ignored and left in limbo with no outcome. This also makes me
think the current process is broken.
After a week of no reply from anyone, there are still the following things
to be done/implemented:
1) Figure out where we want to use SSL. Make sure SSL stuff stays secure and
you don't get dropped to non-SSL anywhere. Actually make the changes. I have
already made the mapping stuff work over SSL.
2) We need to move from the Google Maps API v2 to v3. We have 11 months to
do this before the Google Maps integration stops completely as Google turn
off v2 API access.
3) Figure out how we are going to utilise external help on making changes /
updates to the site and how we approve / review / accept changes. It has to
actually work.
--
Steven Haigh
Email: netwiz at crc.id.au
Web: http://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897
Fax: (03) 8338 0299
On 30/07/2012 10:23 AM, Mike Everest wrote:
> In the past, the way I have obtained authority to do anything is to write
this sort of message to the official lists:
>
> "Unless anyone objects, I propose that I will do <statement of intent>"
>
> Then if(/when) someone objects, modify the statement of intent and
> post again ;-)
>
> Regarding the web site, consensus seems (to me) that it is sensible to
redirect only the login page to https - assuming that after logon, ssl
continues (I can't think of any reason why it wouldn't) then the job is
done.
>
> I suspect that the pages with embedded maps will probably complain
> about secure+insecure items, but that is not too hard to fix (I
> suspect)
>
> Cheers!
>
> -----Original Message-----
> From: melbwireless-bounces at lists.wireless.org.au
> [mailto:melbwireless-bounces at lists.wireless.org.au] On Behalf Of
> Steven Haigh
> Sent: Monday, 30 July 2012 10:03 AM
> To: coders at melbournewireless.org.au
> Cc: committee at melbournewireless.org.au;
> melbwireless at lists.wireless.org.au
> Subject: Re: [MLB-WIRELESS] Authority to change website question
> sparked by SSL debate
>
> Ok, so its been a week since any kind of input / reply from anyone on
either the coders or committee mailing lists regarding this. Throwing it
open to public debate and/or ideas.
>
> --
> Steven Haigh
>
> Email: netwiz at crc.id.au
> Web: http://www.crc.id.au
> Phone: (03) 9001 6090 - 0412 935 897
> Fax: (03) 8338 0299
>
> On 23/07/2012 8:13 PM, Steven Haigh wrote:
>> Hi Russell,
>>
>> You hit the nail on the head here. There is no method that has been
>> established for any kind of approval / discussion process. In the
>> past, its been a case of just do it.
>>
>> It has mainly been a do, test, communicate - which is what I still
>> followed. If this should change, then we need a way to actually
>> communicate it with people and also ensure communication doesn't
>> disappear into the black hole as has been the tendency.
>>
>> At the moment, we still need to move the Google Maps API from v2 to
>> v3 at some point, but everyone has been normally quiet on this one.
>>
>> So, what do the fellows on these two lists suggest?
>>
>> --
>> Steven Haigh
>>
>> Email: netwiz at crc.id.au
>> Web: http://www.crc.id.au
>> Phone: (03) 9001 6090 - 0412 935 897
>> Fax: (03) 8338 0299
>>
>> On 23/07/2012 7:27 PM, Russell Smith wrote:
>>> Hi,
>>>
>>> I don't wish to directly enter into the SSL debate here. But Tyson
>>> and Steve's exchange below does highlight something I've had a
>>> question about for a while. What and where does authority lie to
>>> actually change the website? Following that, how do you interact
>>> with that process so decisions can be timely and reach an agreement.
>>> For example, a committee meeting that makes the call and it's done.
>>> But then there are technical changes as well that the committee
>>> don't have a direct interest in.
>>>
>>> I made substantial changes to the website structure and code and
>>> proposed it be reviewed, but I've seen nothing come of that. Who
>>> would authorize the 'new' code to be used? I've applied bug fixes
>>> as directed by committee/exec which is fine and would seem to follow
>>> and reasonable protocol. I've also thought about doing exactly what
>>> Steve did here and directing all of the domain names to a single one.
>>> But who chooses which one? How do you get an authoritative answer
>>> that must be accepted by all? Obviously Steve chose the right one
>>> as nobody complained about that!
>>>
>>> Which returning to the SSL debate in a less public way, should this
>>> be added to the agenda for a committee meeting, discussed and either
>>> approved or rejected. Then we move on? It would seem a clearer
>>> approach than emails expressing individual views. If people feel
>>> strongly, they should make a submission to the committee as part of
>>> the process. If that is reasonable should it be proposed for other
>>> website works as the way forward?
>>>
>>> Thanks
>>>
>>> Russell
>>>
>>>
>>>
>>> On 23/07/12 07:39, Steven Haigh wrote:
>>>>> You acted without authority by prematurely making the switch in
>>>>> spite what was said by our elected President.
>>>>
>>>> I think the time frame is a little out there. I enabled SSL, tested
>>>> it over several days, then added the redirect. It was only when I
>>>> emailed the coders list that anyone even noticed the change had
>>>> been made. The discussion between myself and Tyson took place AFTER
>>>> everything was already functional. I have never been aware of any
>>>> other process we have used for web development - including changes
>>>> to the operational aspects of the web site.
>>>
>>>
>>
>
>
_______________________________________________
Melbwireless mailing list
Melbwireless at lists.wireless.org.au
https://lists.wireless.org.au/mailman/listinfo/melbwireless
More information about the Melbwireless
mailing list