Excuse me Michael, the proposal I am referring to was offered by Simon Phipps and I included his message.
If you don't want to accept the OUTLINE PROPOSAL or start from it as a point of discussion, that is fine. Just be clear that Simon's proposal was the one that I was replying about and proposing be [DISCUSS]ed on ooo-dev too. I was hoping that Simon's good offices in mediating this would be valuable. Is that not acceptable? What I like about Simon's proposal is that it is the least disruptive, and it adds meritocracy and (private) transparency features to how [email protected] operates. I assume that the current securityteam@ OO.o list would be grandfathered in. Why not? I pointed out in starting this [DISCUSS] thread that there is enough connection from ooo-security so that ASF can be represented well enough in discussion on securityteam@ OO.o to forward Simon's proposal, if there is agreement to do that. I don't see where anything about myself, Rob, and Caolan are in the message you are responding to. With regard to how the list software works/might-not/doesn't, can these 2d and 3rd order issues be deferred until the big questions are handled? - Dennis -----Original Message----- From: Michael Meeks [mailto:[email protected]] Sent: Friday, October 21, 2011 10:07 To: [email protected] Cc: 'Simon Phipps'; [email protected]; lsecurity Subject: Re: [DISCUSS] Neutral / shared security list proposal Hi Dennis & list, On Fri, 2011-10-21 at 08:11 -0700, Dennis E. Hamilton wrote: > It is not something that can be done unilaterally here on the AOOo podling. > Do you propose that this be discussed at securityteam@ OO.o? It would > seem that is where consensus is required. Last I checked only a few from TDF's security group are on that list; so it doesn't seem an ideal forum either. Lets just CC our security team as I've done. I am mildly amused by the convenient deployment of the argument type: "we have always done it this way" from a project undergoing such a lot of (in many ways positive) changes. Combine this with a world of extraordinary possibilities such as: mail forwarding and the "mail address is well known" bites the dust. There were many projects and people I used to admire in the ASF, but claiming it is neutral in today's world is not sensible. I would like to see, and think it is reasonable to ask for: 1. a neutral domain / list name 2. a comprehensive set of moderators / admins cf. previous 3. neutral hosting It seems vs. the present that the ASF guys are suggesting to compromise on only one of these points (2.) ie. having two Apache supporters (Rob + Dennis) as moderators, and one TDF guy (me or Caolan): is that right ? At a big stretch, assuming there is no heavy-governance-petting anywhere near it, I could cope with not having 3. ie. Apache hosting it - after all, that is rather invisible [ but I personally loathe reply-to mangling - I don't believe we would want that pushed onto us ]. So - where do we go from there ? it looks to me like no compromise is possible (for some definitions of compromise). We could create two 'neutral' mailing lists one at each side, with cross subscriptions to our own security lists - but it all seems a bit pointless. Regards, Michael. -- [email protected] <><, Pseudo Engineer, itinerant idiot
smime.p7s
Description: S/MIME cryptographic signature
