Hi Pedro, On Oct 25, 2011, at 11:42 AM, Pedro Giffuni wrote:
> I am not in the PPMC specifically to avoid participating in this type of > discussions, but I have to say this, just IMHO: I appreciate your decision to focus on the code. Project management keeps pulling me away from code ... for too many years. > > I fail to understand why the ASF is not considered neutral, deep > inside I think the reason is simply because this year we got a bigger > toy in our Christmas tree that they wanted. Hope I am wrong. Michael Meeks and Florian have been explicit today that openoffice.org as a destination is not considered neutral by the TDF. I haven't explicitly asked if an apache.org address is not sufficiently neutral ... I suspect not. I think about this as a branding decision by TDF about LO and not our business. > We owe to our millions of users out there to maintain our own security > channels and we cannot delegate them to a third party. Looking for > an unrelated domain to handle our issues is like giving your children > to your neighbors so they educate them "impartially". There should be no doubt that [email protected] will remain as the project's security list. If there is a meta-list for security for all of the peers in the OOo / LO and the rest community. This is some confederation that shares security issues in a private manner between peers. The peers have the mutual interest of their communities in mind. > > If there is no interest in bringing the code bases together I think there > Is not much to gain on a shared security list on the long run. There is a need for co-operation regardless of the code divergence. The code will retain significant commonality. The ODF format is a standard. There will be common security issues. One could argue that the such co-operative lists should include all of the Microsoft Office community as well. Both LO and OOo implement OOXML and the binary MS Office formats. I won't because I suspect that it is a bridge too far. Regards, Dave > > Pedro.
