[OpenID-Specs-eKYC-IDA] Issue creation with suspicious download links

Hodari McClain hodarisudan at gmail.com
Fri Mar 31 04:21:46 UTC 2023 

Thanks Mark and Joseph.  Sure thing, it just looked off.  My main concern
were the spearphishing-type download links contained within.

Let me dig into a bit and come back to you with some potential solutions.
Perhaps as a quick fix, we can implement allow/blocklist and restrict issue
submission to wg member emails. Not sure if that feature is available on
this version of bitbucket.

Agree on the full time moderation, admin overhead is not sustainable,
assume this is most folks’ side side gig :)

I am over here working on ID Proofing with George Fletcher at our day job
and he’s encouraged us all to give back more to the standards bodies. So
will do my best to help out wherever I’m needed.  Are there any recordings
of the wg sessions? The morning times are tough for me to make and I was
swamped again for yesterday’s call, unfortunately.

Thanks,
Hodari



On Wed, Mar 29, 2023 at 6:37 AM Mark Haine <mark at considrd.consulting> wrote:

> Thanks for highlighting this Hodari,
>
>
>
> I have marked the issues in question as junk in bitbucket and have turned
> off notification of new issues so that there is no further magnification of
> the spam into everyone’s mailboxes.
>
>
>
> The longer term fix for this will unfortunately mean we need to turn on
> moderation of issues which is an administrative overhead and potential
> source of latency that we rather not have but seems unavoidable at this
> point.  Any other useful mitigations anyone would like to suggest?
>
>
>
> Finally I want to thank Joseph for his help on this.
>
>
>
> Mark
>
>
>
> *From: *Openid-specs-ekyc-ida <
> openid-specs-ekyc-ida-bounces at lists.openid.net> on behalf of Hodari
> McClain via Openid-specs-ekyc-ida <openid-specs-ekyc-ida at lists.openid.net>
> *Reply to: *OpenID eKYC Identity Assurance Working Group <
> openid-specs-ekyc-ida at lists.openid.net>
> *Date: *Wednesday, 29 March 2023 at 05:55
> *To: *Naohiro Fujie <naohiro.fujie at eidentity.jp>
> *Cc: *Hodari McClain <hodarisudan at gmail.com>, OpenID eKYC Identity
> Assurance Working Group <openid-specs-ekyc-ida at lists.openid.net>
> *Subject: *Re: [OpenID-Specs-eKYC-IDA] Issue creation with suspicious
> download links
>
>
>
> Ok thanks
>
>
>
> On Wed, Mar 29, 2023 at 12:54 AM Naohiro Fujie <naohiro.fujie at eidentity.jp>
> wrote:
>
> It seems just spam...
>
>
>
> 2023年3月29日(水) 13:47 Hodari McClain via Openid-specs-ekyc-ida <
> openid-specs-ekyc-ida at lists.openid.net>:
>
> Anyone else seeing the recent flurry of issues created on EACY-ida repo?
>
>
>
> Are these legitimate/test issues or just spam?
>
>
>
> Thanks,
>
> Hodari McClain
>
> Capital One
>
> Consumer Identity
>
> --
>
> Chance favors the prepared mind
>
> --
> Openid-specs-ekyc-ida mailing list
> Openid-specs-ekyc-ida at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ekyc-ida
>
> --
>
> Chance favors the prepared mind
>
-- 
Chance favors the prepared mind
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ekyc-ida/attachments/20230331/930bd3c3/attachment-0001.html>

More information about the Openid-specs-ekyc-ida mailing list