On Thu, Jun 04, 2020 at 12:42:47AM +0200, Thomas Goirand wrote: > > IMHO, this requirement makes more difficult to find as someone from the > > people, as AFAIK many of us are working in a way for a cloud provider, > > or a partner. > > > > What are we actually afraid of here ? As far as the build process of the > > images is in the open. > > We're afraid of conflict of interest. There's been multiple times where > we saw it could happen, and by having the delegates not involved with a > provider, we're hoping to reduce that risk.
Can you cite a specific example? I cannot think of one. If *all* delegates were affiliated with a single cloud provider or other similar entity, then I'd be more inclined to share your concern. As it is, I think calling out that our restrictions on the delegations are unusual in the broader context of DPL delegations is an interesting point, and we should consider the possibility that we're excluding people who might otherwise be well suited to this role. Practically speaking, the cloud team delegates have little real power and very few actual responsibilities. The possibility of abuse is minimal. Transparency in our decision making processes should be more than sufficient to address any potential concerns. > > We have Debian Developpers working for Ubuntu, Redhat, Prodigy, Kali in > > the past and present, and it mostly goes fine. > > And? I don't see how this relates to the discussion. It relates directly. The very same conflicts of interest about which you express concern apply in these cases as well. noah
