+1, thanks for organising this On Wed, 7 Dec 2016, 08:02 Lancelot SIX, <[email protected]> wrote:
> Big +1 for me for all of the no nominees. > > BR > Lancelot > > On 07/12/2016 04:40, Jonn Mostovoy wrote: > > My 2c: nbp certainly should be nominated ;) > > > > Regarding the proposal — it has to happen sooner or later anyway, and > > if someone is willing to start it now, +1! > > — > > Kindest regards, > > ¬Σ > > > > > > On Wed, Dec 7, 2016 at 2:49 AM, Graham Christensen <[email protected]> > wrote: > >> Hello again Nix Users, > >> > >> I was talking with Domen the other day on IRC about starting the NixOS > >> Security Team. We agreed we should run it by the mailing list first and > >> gets some feedback. > >> > >> Members of this team would: > >> > >> - send out security announcements to our new mailing list[0] > >> - have their GPG fingerprints on the public website so the > >> announcements can be verified > >> - potentially receive private security disclosures about the Nix > >> ecosystem > >> - (hopefully) help with weekly security roundups and bug fixing > >> > >> Long term, they are likely to be initial candidates for when we're > >> seeking membership to the oss-security's "distros" list[1], and perhaps > >> more direct involvement in security roadmap issues[2]. > >> > >> I think it is important that the members of this project have a history > >> of interest in NixOS's security, and a general history of contributions > >> to the project. > >> > >> I nominate the following people: > >> > >> - myself obviously, Graham Christensen (grahamc) > >> - Daniel Peebles (copumpkin) > >> - Domen Kožar (domenkozar) > >> - Franz Pletz (fpletz) > >> > >> For Daniel and Domen, they are both fairly ( ;) ) respectable members of > >> the community, have a long history of involvement, and both directly > >> expressed interest on the thread about the "distros" mailing list[1]. > >> > >> For me, well, I think my initiative, consistency, and history speaks for > >> itself[6,7]. (I also expressed interest in that same "distros" > >> thread.[3]) > >> > >> For Franz, he is an incredibly consistent partner in the security > >> roundups, and whose efforts I based the roundups process on. > >> > >> For Eelco and Rob Vermaas (not listed above,) I don't think they need > >> nominating, and will be on the team if they want. (I'm assuming they'll > >> want.) > >> > >> I haven't asked Daniel, Domen, or Franz if they would like to be > >> members, so this is obviously pending their acceptance, and the approval > >> of the community. > >> > >> Daniel, Domen, Franz, and Community: what do you think? A simple "+1" > >> would be helpful, even if you have no further feedback. > >> > >> Eelco, Rob: what do _you_ think? > >> > >> Thank you, > >> Graham Christensen > >> > >> 0: > http://lists.science.uu.nl/pipermail/nix-dev/2016-November/022207.html > >> 1: https://github.com/NixOS/nixpkgs/issues/14819 > >> 2: https://github.com/NixOS/nixpkgs/issues/14819#issuecomment-212337290 > >> 3: Note that I originally did express interest, but deleted my comments > >> after [4] because peti was right. See: [5] > >> 4: https://github.com/NixOS/nixpkgs/issues/14819#issuecomment-212550422 > >> 5: https://github.com/NixOS/nixpkgs/issues/14819#issuecomment-213805937 > >> 6: > https://github.com/NixOS/nixpkgs/search?q=%22Vulnerability+Roundup%22+author%3Agrahamc&type=Issues&utf8=%E2%9C%93 > >> 7: https://github.com/NixOS/security > >> _______________________________________________ > >> nix-dev mailing list > >> [email protected] > >> http://lists.science.uu.nl/mailman/listinfo/nix-dev > > _______________________________________________ > > nix-dev mailing list > > [email protected] > > http://lists.science.uu.nl/mailman/listinfo/nix-dev > > _______________________________________________ > nix-dev mailing list > [email protected] > http://lists.science.uu.nl/mailman/listinfo/nix-dev >
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
