TPA-RFC-47: clarify what happens to email when we retire a user
As part of improving the offboarding process (legacy/trac#32519 (moved)), we should especially look at how email works.
Right now, when we retire a user, their account is first "locked" which means their access to various services is disabled. But their email still works for 186 days (~6 months). After that date, in theory, their email aliases start completely dropping email (needs to be onfirmed).
It's unclear if that's the right policy to follow. Some people feel that an email alias should stay around forever, as it is an inalienable human right.
Others feel that certain administrative roles should be forwarded when a person leave. If, say, "Alice" (fictive name) was doing fundraising but was using alice@torproject.org
for that work. When they leave, should we forward alice@
to fundraising@torproject.org
?
But then what if Alice was using their work email for private correspondance either? Maybe the fundraising team shouldn't be able to see those communications.
One proposal could be that the default policy is this:
- email @torproject.org is "function" email and is destined only for torproject.org related work
- when a person leave their position, that email gets deactivated after a 6 months delay
- in extreme cases, some forward may be temporarily enabled to reset accesses or re-establish contacts with a provider or third-party
It is also possible that there could be two policies, one for TPI employees and one for other TPO people.