Administrator/Trusted User Validation Process

Status of This Memo
Copyright Notice
ABSTRACT
1. Introduction
1.1. Overview
1.2. Terminology
2. Validation Aims
3. Validation Process

Teapot-Chat Adminstrator Council
Request For Comments: 4
Category: Standards Track
Status: Standard

Netizen Land - The Internet
Wael Karram
December 2023

Status of This Memo

This document specifies a standards track for the teapot IRC chat network administrators, and requests discussion and suggestions for improvement.
Distribution of this memo is limited strictly to authorized network administrators within the teapot chat network or any third party authorized by them.

Copyright Notice

Copyright (C) 2023 Teapot Chat Network Administrators. All rights reserved.

ABSTRACT

This document describes the process by which an administrator or trusted user is validated.
Optional and non-binding sections are clearly indicated, all other sections are assumed automatically binding.
Subject to amendment at a later date.

Table of Contents

1. Introduction

. . . . . . . . . . . . . . . . . . . .
3

1.1. Overview

. . . . . . . . . . . . . . . . . . .
3

1.2. Terminology

. . . . . . . . . . . . . . . . .
3

2. Validation Aims

. . . . . . . . . . . . . . . . . . .
4

3. Validation Process

. . . . . . . . . . . . . . . . .
4

4. Authors’ Addresses

. . . . . . . . . . . . . . . . .
5

1. Introduction

1.1. Overview

To validate and verify the identity of a network operator or trusted user, is also entrusting those doing the validation to be able to judge the potential risks and hazards of such a process and what effects it might have on the network.
This document defines rules and regulations for validation of a network operator or trusted user, be it in the case of someone losing their credentials or a new operator or trusted user joining the network.

1.2. Terminology

This document inherits keywords from RFC 1 through 4, read section 2 "Terminology".
The keywords denoting requirements, including optional requirements shall be interpreted as is defined in IETF RFC 2119.

2. Validation Aims

The validation process first and foremost aims to keep access to network resources and administration within the hands of trusted parties. If at any stage of the process there is a doubt as to whether or not the party being validated can be trusted - then the process should be put on hold pending further evidence that clears or confirms said doubts.
The process aims to verify whether or not the person is indeed whom they claim to be and whether or not they can be entrusted with access to key network infrastructure.

3. Validation Process

Every aspect of the validation process shall be recorded in a manner that is accessible by all other council members to read during and after said validation. In cases where a proof of identity is required, cryptographic proof (using cryptosystems such as GPG) is of utmost importance. Failing that, the ability to demonstrate reasonably high levels of control over key resources where no other untrusted third party has control can be also used as a proxy measure.
All network operators are required to make sure that they’ve got their keys cross-signed by the other network operators to make this process simpler and more secure.
In the case of trusted users, core council members may still veto the whole motion and effectively render the user unable to verify - even if it entails de-facto making them lose access to resources they controlled on the network. This section does not apply to core council members though.

Authors’ Addresses:

Wael Karram
wael@waelk.tech/wael@teapot.chat