Protecting the bi-weekly Firefox meeting

[Dave Townsend]

I took an action some time ago to investigate how we could protect the bi-weekly Firefox meeting from videobombing. Things are complicated by the fact that we want this to be a public meeting. Here are the main options available to us:

1. Do nothing. We have never to my knowledge seen an incident of this nature and there are multiple empowered hosts usually at every meeting who could take action should such an incident occur. This still leaves things pretty wide open to abuse and relies on hosts to take action promptly.

2. Add a passcode to the room. As this is intended to be a public meeting we would have to distribute the passcode, likely in a public place. This would protect us against folks just trying random meeting room numbers but not much else.

3. Use a waiting room. A meeting host would be required to allow folks in from the waiting room. We don't keep a list of community members so hosts would need to use their own judgement on whether to let folks in or not.

4. Require registration. Zoom meetings can be set to require registration, the user fills out a form giving their email address and are then given a unique link to use to access the meeting. They do not need a zoom account to do this. Mozilla accounts can get in without registration. Meeting hosts can cancel registrations at any time. Folks only have to register once and can access any subsequent meeting. Registration can either be automatic or require a host to manually approve. In the automatic case this provides us some protection in that someone wanting to join needs to give us their email address and adds a small barrier to entry. The manual approval case adds that and then is essentially like the waiting room case.

5. Make the meeting private and record it for later public availability. Obviously this provides complete protection from random drive-bys but limits participation from the community. That said we seem to have few community participants in general.

My personal opinion is that the automatic registration option gives a good balance of adding a barrier to entry and giving us controls to block folks while still allowing the community to participate almost freely. It has the downside that participants have to provide us an email address that will be visible to meeting hosts.

What do folks think?