[09:18:52] <Emperor>	 Who owns our ARIN contact info? abuse@ had an email from them to confirm our details, and it currently lists that address and what looks like paravoid's personal email address. So it should presumably be updated...?
[09:24:08] <volans>	 Emperor: Usually netops + potentially willy. Btw the last email I got is from 10 days ago.
[09:27:14] <XioNoX>	 Emperor: where do you see that ? Checking the ARIN portal POCs I don't see anything related to Faidon
[09:33:07] <Emperor>	 volans: sorry, yes, that mail is quite old, I'd just not checked the abuse folder in a while :-/
[09:36:22] <Emperor>	 (I think I thought that a change would have resulted in a follow-up email, but maybe I just need more coffee)
[09:40:12] <volans>	 XioNoX: search for "Verify Your ARIN Contact Information" in your email
[09:40:30] <volans>	 the To: field
[09:41:16] <XioNoX>	 I guess he removed it since ? :)
[09:44:05] <moritzm>	 we track(ed) the acess change at https://phabricator.wikimedia.org/T322101
[09:47:54] <XioNoX>	 the email is from 10 days ago
[09:52:37] <Emperor>	 I know, sorry :(
[09:58:17] <XioNoX>	 Emperor: I mean the task hasn't been updated since March, so your message is welcome :) My guess is that Faidon removed his contact when he got the email. Otherwise I'm not sure.
[09:58:58] <XioNoX>	 It's also a bit worrisome that there are still action items for an offboard task opened a year ago
[10:03:35] <volans>	 between this last week and the first quiet week of january it seems the perfect time to wrap it up :D
[10:04:58] <moritzm>	 IIRC the last remaining bits all needed Mark's involvement, not sure what the status is
[10:11:27] <XioNoX>	 and the cloudflare one needs to be done using the noc@ user
[10:13:53] <Emperor>	 while I'm on an asking questions kick: who owns the acceptable-container-images policy? [i.e. who should I get in touch with if I want to ask about exceptions / edge cases?]
[10:17:17] <question_mark>	 interesting
[10:18:09] <question_mark>	 looks like ARIN has gone all the way from purely e-mail sender/from address based account "security" to nowadays requiring full 2FA and supporting hardware keys
[10:24:32] <question_mark>	 just a single hw key though, which is disappointing
[10:25:51] <question_mark>	 so what needs happening?
[10:26:37] <question_mark>	 i no longer see faidon associated to WIKIM, so someone, or himself, removed him
[10:26:46] <question_mark>	 i just verified my POC, so that's done too
[10:26:48] <question_mark>	 anything else?
[10:27:04] <volans>	 question_mark: if you're at it I guess the remaining bits in https://phabricator.wikimedia.org/T322101
[10:27:16] <volans>	 that menntion you :)
[10:27:31] <moritzm>	 specifically just the two remaining parts for RIPE and APNIC
[10:27:59] <question_mark>	 not sure about the atlases
[10:28:16] <volans>	 and maybe evaluate if we should add willy or netops in the accounts where there is only you
[10:28:21] <question_mark>	 apnic... doubt I ever was involved in any of that tbh, but I guess someone added me
[10:29:24] <question_mark>	 apparently one can have only one Admin POC, that's currently me
[10:29:35] <question_mark>	 but multiple Tech POCs, which is arzhel/cathal/me atm
[10:30:13] <volans>	 ack
[10:31:13] <question_mark>	 i also don't see faidon listed in apnic
[10:31:20] <question_mark>	 (apparently my pw manager did have a login!)
[10:31:49] <question_mark>	 so I think that's all done?
[10:33:32] <moritzm>	 XioNoX, topranks: ^ Can either of you double-check and tick off the action items at https://phabricator.wikimedia.org/T322101 if that's all that was needed?
[10:36:43] <moritzm>	 ah, Mark already did that, nvm :-)
[10:38:48] <topranks>	 question_mark: yes I don't see anywhere with ARIN that Faidon is still listed so all is ok there.  APNIC the same.  
[10:39:18] <topranks>	 are you happy to be the lone "admin poc" on ARIN?  To my mind that makes sense, but if you'd rather we change it that's fine too.
[10:39:52] <topranks>	 I may need to bug you relating to T322101, and the RIPE anchor admin which we suspect is tied to Faidon, but I've not yet worked out exactly what we need to do
[10:39:56] <question_mark>	 well it seems you can't
[10:40:01] <question_mark>	 unless we just make a shared account
[10:40:45] <question_mark>	 and now it's protected by 2FA too, so you all would have an even harder time getting access to my account should I say disappear, not even hijacking my email would be enough
[10:40:47] <question_mark>	 so maybe we should do that
[10:41:11] <topranks>	 that's actually a good point 
[10:41:20] <question_mark>	 so yeah let's figure out a way where multiple people can have access
[10:41:24] <topranks>	 let me look into it and circle back to you 
[10:41:58] <question_mark>	 ty :)
[10:49:43] <paravoid>	 Your Linked POCs
[10:49:47] <paravoid>	  WNA11-ARIN 	Role 	Wikimedia Network Abuse 	12-11-2023   
[10:49:57] <paravoid>	 says my (personal) arin account
[10:51:58] <paravoid>	 also
[10:51:59] <paravoid>	 Organizations Associated with Your User Account
[10:52:05] <paravoid>	  WIKIM Wikimedia Foundation Inc. 
[10:53:31] <paravoid>	 I see an "unlink user" button that I can press, let me know if I should
[10:53:52] <volans>	 lol :)
[10:55:11] <topranks>	 hahaha 
[10:55:26] <topranks>	 paravoid: hope you are keeping well :)
[10:56:01] <topranks>	 to get to grips with how to handle this in future let me see if I can work out how to "unlink" you from our end 
[10:56:11] <topranks>	 but if not then yes that is probably a good idea 
[10:56:57] <paravoid>	 alright, let me know :)
[10:57:52] <paravoid>	 topranks: https://account.arin.net/public/secure/poc/view/WNA11-ARIN is where I see the button
[10:59:55] <topranks>	 paravoid: ok thanks 
[11:00:00] <topranks>	 do you see the same at https://account.arin.net/public/secure/poc/view/WIKIM-ARIN
[11:01:05] <paravoid>	 I see an "
[11:01:05] <paravoid>	 Associated Organizations
[11:01:08] <paravoid>	 there
[11:01:11] <paravoid>	 (WIKIM)
[11:01:13] <paravoid>	 but not a button
[11:06:15] <topranks>	 paravoid: yeah I can't see anywhere to "unlink" you from the WNA11-ARIN POC 
[11:06:29] <volans>	 nice UX
[11:06:35] <volans>	 :facepalm:
[11:06:36] <topranks>	 the docs also do not seem to mention it - just how to link your ARIN Online account to a POC, or how to delete a POC 
[11:06:49] <topranks>	 volans: as bad as it is it's a lot better than it was :)
[11:07:12] <topranks>	 paravoid: so yeah if you would be kind enough to voluntarily "unlink" yourself that would be good :)
[11:07:24] <paravoid>	 Unlink Yourself from This POC
[11:07:24] <paravoid>	 Unlinking yourself from this POC will prevent you from managing the organizations and resources associated with you only through POC record WNA11-ARIN.
[11:07:27] <paravoid>	 Note: Notifications of this action will be sent to you and all users and email addresses associated with this POC. 
[11:07:30] <paravoid>	 You no longer have access to POC WNA11-ARIN through your user account.
[11:07:51] <topranks>	 much obliged :)
[11:08:13] <volans>	 email received
[11:08:16] <volans>	 sad..
[11:08:38] <paravoid>	 fyi the phab ticket is private and I don't have access to it
[11:08:46] <paravoid>	 if you need my help with anything else ping me here
[11:09:13] <topranks>	 paravoid: super thanks, there is nothing much in the phab ticket 
[11:09:41] <volans>	 paravoid: you've access now :D
[11:09:55] <volans>	 but yes, nothing more to do AFAICT
[11:10:12] <paravoid>	 there's still https://wikimediafoundation.org/role/staff-contractors/
[11:10:29] <paravoid>	 for me and a bunch of other people that have left (or joined) I'm sure
[11:10:37] <volans>	 yes, that's super outdated
[11:11:36] <volans>	 we've also cloned am.ir there :D
[11:12:39] <topranks>	 question_mark: I've changed our 'Admin POC' from your personal account to the WIKIM-ARIN NOC contact now 
[11:13:18] <topranks>	 with the result that admin changes will go to noc@wikimieda.org for approval 
[11:13:27] <question_mark>	 ok
[11:13:38] <topranks>	 I don't think we can have a contact with multiple individual accounts listed 
[11:14:09] <topranks>	 so the other option is to create a new mailbox that a smaller set of people are members of 
[11:15:26] <topranks>	 question_mark: you should link your personal account to WIKIM-ARIN and WNA11-ARIN also I think 
[11:15:39] <topranks>	 link here: https://account.arin.net/public/secure/poc/link
[11:15:51] <topranks>	 ayounsi: you should do so for WNA11-ARIN
[11:17:31] <question_mark>	 well if you were able to change the admin account without me, what is even the point of that role?
[11:22:05] <topranks>	 from what I can tell and just read it seems to only affect what email gets used to verify changes 
[11:22:30] <topranks>	 but indeed I was able to change the admin POC without you (previous admin POC) approving 
[11:23:00] <topranks>	 To link my Arin Online account with the admin role I had to click a link in an email they sent to noc@ just now 
[11:23:12] <topranks>	 which prior to that change would have gone to your personal account