Hi, Malte,
On 10/10/2011 12:33, Malte Timmermann wrote:
What's this thread about - "OOo/AOOo/TDF private security lists war
reloaded"? ;)
To sum up:
- Apache mentors/PPMCs made clear that only AOOo committers can be on
the AOOo Security list (ooo-secur...@incubator.apache.org).
Regardless of whether or not this rule makes sense in this special case
(AOOo = base for many OOo products), we have to adhere for that rule now.
- As a result, TDF decided to have the same rule for their security list
(tdf-secur...@lists.documentfoundation.org), and silently kicked me from
that list (which of course is their right to do, but some notice would
have been nice)
- Which leaves us with 1 common list where we don't have such
restrictive rules, and can continue with our cooperation: The
old/original OOo security list securityt...@openoffice.org.
Some people stated that the fate of old OOo lists is unknown - agreed.
But as long as they last, it's the best option to continue using that
security list. Members from all interested/helping parties are already
on that list (well, some RedOffice security guy should join), and the
list name is well known to security researchers and OOo users.
Malte.
Assuming that you are the "mt" listed as an administrator on the OO.o
security project, that should make you an owner of the securityteam ML.
I suggest that you provide subscriptions there for Dennis and Wolf (Rob
already being subscribed).
I thought I might have to volunteer to take over that ML, as I have for
a couple of the moribund @documentation lists. I still will, if anyone
thinks it necessary.
/tj/
TJFrazier on OO.o
Owner/moderator, dev@doc
Owner/moderator, authors@doc
On 10.10.2011 17:37, Michael Meeks wrote:
Hi Dennis,
On Mon, 2011-10-10 at 08:03 -0700, Dennis E. Hamilton wrote:
How is it that this "reciprocal action" occurred and was made known to
the Apache OOo podling ?
Oh - it's quite simple, you ASF/OOo made your decision to not include
TDF guys, and we (without an endless mail thread) made the quiet
decision to drop Malte from our LibreOffice specific mailing list:
tdf-secur...@lists.documentfoundation.org in response; turning it into a
TDF-ony list. That seems reasonable presumably.
And how is it that it was performed on securityt...@openoffice.org ?
When did that become a TDF property? Who is the "our" in whose name a
reciprocal action was taken?
Gosh :-) The securityt...@openoffice.org list stayed exactly as it has
always done - as a cross-vendor, cross-project, place to exchange such
information. No-one was removed from it, Malte is still on it, and Rob
was added. This is where the details were discussed, and the patches
posted. That list is certainly not a TDF property. The tdf-security list
on the other hand is.
If this was a race to demonstrate who is the least trustworthy in
these matters, I concede that you won. Feel better now?
Thank you for your vote of confidence. The more I hear nonsense talked
about what goes on on private security lists, the more I hate them. If
only they were not necessary.
All the best,
Michael.
