On 10 Oct 2011, at 15:55, Jürgen Schmidt wrote: > On Mon, Oct 10, 2011 at 3:51 PM, Simon Phipps <si...@webmink.com> wrote: >> >> Back to the actual issue: >> >> * for (A), AOOo clearly needs a private security list. We all agree. >> * for (B), the legacy StarOffice ecosystem clearly needs a shared private >> security list. Seems we all agree on that too. >> >> The former apparently exists. All that's left is to actually agree to a >> technical arrangement that works for the latter. There are two proposals on >> the table. Given the tendency of some to confuse community collaboration >> with Apache project work, I actually think the idea of a list at >> freedesktop.org for (B) makes most sense. >> > > let us check first if we can still use the already established list > securityt...@openoffice.org <knownsecurityt...@openoffice.org> before > seeking for a new name. It's at least not clear for me if we can use it or > not, i will try to clarify this. > > freedesktop.org is very Linux centric, isn't it?
Yes, it's a Linux desktop programmer hangout. However, it has the political benefit of being neither Apache nor TDF managed. If that wasn't an issue, I have checked with TDF and they would be happy to host security-col...@documentfoundation.org if we wanted :-) > Does it make sense to check first the possibility of using the existing > name? Absolutely, yes, although I think if we can't get it sorted in the next week or so we should opt for a new venue. As well as the basic practical detail of availability we also need to make sure the list can be managed by and for its participants and is not exclusive to Apache as was proposed in some earlier messages. > > Juergen > > >> >> How about starsec-col...@lists.freedesktop.org (named so that there's >> clearly no single project "owning" it). >> >> S.