On Wed, Oct 12, 2011 at 11:48 AM, Dave Fisher <dave2w...@comcast.net> wrote:
<snip> > I think that "we" as the AOOo PPMC will need to find one or more PPMC members > to fulfill certain external roles. > > Perhaps these roles are: > > (1) Public face of Security for AOOo. > Work on handling security reports occurs on a private list, ooo-security. It is not visible publicly, or even to the PPMC in general. Where there needs to be a public communication, for example, to report a vulnerability, it comes from members of ooo-security. This is all per the recommended process from Apache Security [1]. The PPMC is welcome to debate and adopt contract guidelines, but I would not recommend it. The members of the ooo-security list are stated on our FAQ page [2] So I think that part is already covered. > (2) Liaison with the TDF. > Ideally, someone who is already both a PPMC member and a TDF member. We have several. "Half liaisons" (someone who is a member of one organization but not the other) don't work quite as well. > (3) Press Liaison. > As a podling we're a bit limited here, per Podling guidelines [3], but there is certainly some scope for doing good work here, if someone wants to volunteer. > (4) Brand Manager / Cat Herder. > You see those as the same thing? We've had a couple requests for permission to use the OOo trademark and logo. We handled those requests well, I thought. I don't think there is a volume of such requests that would suggest we need a person dedicated to that. > With people in these roles who are active then perhaps the rest of us can > defer immediate responses to questions in these areas when they occur on > ooo-dev. With slight formality we might be able to stop the periodic and > damaging flames of misunderstanding. > Other areas where we could use some volunteer leadership: 5) wiki master 6) bugzilla master 7) web master [1] http://www.apache.org/security/committers.html [2] http://incubator.apache.org/openofficeorg/ppmc-faqs.html [3] http://incubator.apache.org/guides/branding.html