Hi, > Both Branko and Roman said that binaries do not need votes.
That may be correct, but binaries must be produced from official source releases and only official releases can be distributed on apache dist. There is one very large open question which is can an officially released installer install binaries from non official sources. Look at it from a user point of view, there's trust and security issues there. As our installer is currently set up the user would have no idea that the binary is not an "official" release and is not hosted on Apache infrastructure. The term "bait and switch" comes to mind. With 3rd party distributions / downloads / installers is up to the user to trust them, but anything hosted on Apache infrastructure needs to be held to a higher standard. > The Apache stance seems to be that “installers” are not official unless they > are installing source. That's 100% incorrect, the installer consists of source and must be voted on when making a release, if it's install source or binaries is irrelevant. Thanks, Justin
