Make (and then use) a blog account policy
We have a bunch of old accounts on the blog, and for basic security hygiene, we should clean them up.
Even better, let's take this chance to develop, and post somewhere, a policy for who should be able to have a blog account, and when we'll disable them due to inactivity or etc.
Here is a proposed start to such a policy:
Any Tor Core Contributor can get a blog account, and it can stay active as long as they remain a core contributor.
We encourage everybody with an active blog account to do blog posts. Before you post, please work with the comms team to make sure the timing and content are best. [replace this short text with the longer text from steph's comment below]
To limit security surface area, we will disable accounts that haven't logged in during the past n months. Accounts can always be re-enabled when people want to use them again.
(I suggest n=18 months. We should specify some avenue for how to request the account in the first place, and for how to request re-enabling.)
Posters should be aware of, and follow, our blog comment moderation strategy:
We encourage guest posts from the broader community about topics that are important to Tor and Tor users. The best way to arrange a guest post is to get an existing Core Contributor to vouch for the guest, and then depending on the situation, either the core person will post it, or we'll make a blog account for the guest.