Interested. Background is in software and devops.

Follow up..

access and governance are two separate things: Authentication and Authorization. Each might have a different answer.

The “thing” accessed.. is it user created, community owned, or institutionally owned? I would imagine that has a bearing on the process.

EDIT 2:

Stack Overflow immediately comes to mind.

This answer might be more philosophic than useful, but how acceptable is a violation of the virtue or trust? Say a virtuous person abuses the trust in an unquestionable way.. say they used community funds to buy narcotics for children. Is it “ok” to base a system on past virtue when future virtue is highly consequential?