it.
-- BJ (jgr)
+
+---
+
+Alternately, we could use `--passwd-fd` and `ssh-agent`, along the
+lines i proposed [for handling passphrase-locked secret
+keys](handle-passphrase-locked-secret-keys).
publish all changes to the keys.
-- BJ (jgr)
+
+---
+
+I think [when we reorganize the `monkeysphere-server`
+shortcuts](reorganize-monkeysphere-server-shortcuts) it'll make it
+clearer what the right interface should be.
+
+As for what should actually happen, i think that the server should
+actively revoke old User IDs, rather than removing them. It should
+probably prompt the administrator to re-publish the host key as well,
+to ensure that the new User IDs are published.
+
+ --dkg
close this bug?
-- BJ (jgr)
+
+---
+
+I'm fine with closing this bug, unless we want to set up the limited
+shell access/welcome letter like i described above. If we want to do
+that, it'd be worth keeping it open until those scripts are written.
+
+I envision a script you'd invoke like:
+
+ root@george# addmsuser foo 'Foo T. Bar <foo@example.org>'
+
+Which would create the `foo` account, populate
+`~foo/.config/monkeysphere/authorized_user_ids`, make a note in a log
+someplace, and send a welcome letter.
+
+--dkg
projects / monkeysphere.git / commitdiff