Dave, if you are going to do that, just relabeling a thread is not helpful.
Please compose a specific concrete proposal under a [DISCUSS], and announce the duration and end-time for a lazy consensus at the top. Give it at least 3 full 24-hour calendar days. I don't have any sense that there is alignment yet, but there may be in that time and I am happy to be mistaken. Then at the end, if there is a consensus, please report what it is. - Dennis -----Original Message----- From: Dave Fisher [mailto:dave2w...@comcast.net] Sent: Tuesday, October 25, 2011 15:35 To: ooo-dev@incubator.apache.org Cc: flo...@documentfoundation.org Subject: Re: [proposal] Neutral / shared security list ... Hi - Sorry to reply to myself. Even though there are choices in this email. Please view it as a proposal. Where we are seeking lazy consensus. On Oct 25, 2011, at 3:26 PM, Dave Fisher wrote: > On Oct 25, 2011, at 3:18 PM, Simon Phipps wrote: > >> On Wed, Oct 26, 2011 at 12:04 AM, Dave Fisher <dave2w...@comcast.net> wrote: >> >>> >>> Agreed. We need to pick a neutral domain name. office-security.org is >>> apparently free. >>> >>> Some institution needs to buy domain registration. I've been the volunteer >>> registrar for a social groups domain, it is a pain to transition. This needs >>> to be an institution, it could be Team OOo? >>> >> >> I think they are too close to the matter. SPI exists specifically to hold >> assets in trust - perhaps they would hold the registration for us all? If >> we agree I'd be happy to volunteer to contact them. >> >> It's also possible we could ask OSI to do it - Jim Jagielski and I are both >> on the Board at present. > > These are both interesting ideas. The proposal is to pick a domain and get registration Simon volunteers to help. > >> >> >>> >>> An ISP for hosting the private ML needs to be selected. Dennis suggests >>> that the ASF could be that ISP for free. > > <slight snip/> > > And: > > <insert> > > On Oct 25, 2011, at 2:51 PM, Florian Effenberger wrote: > > <snip/> > >> >> If we basically agree that such a list as outlined by me is a way to go, I >> am happy to ask a friend of mine who has a very good reputation in being a >> mail server, mailing list and security expert, with a very good track >> record, including all sorts of certifications. He is offering e-mail >> services as business. >> >> I just don't want to spread the name publically without asking him first, >> and I don't want to ask him, before we have some common understanding. :-) >> > > > </insert> The proposal is for the exiting securityteam to choose, the above are two possibilities. > > >>> >>> securityteam@oo.o is migrated to whatever the new list is, and those >>> people start administrating. >>> >>> I think it is very important for the public to know who all of the projects >>> are on the shared ML. I propose that this shared security team provide a list of participating peers to the public. >>> >>> Are we done already :-) > > Let's let the world revolve to see if we have some Consensus. Revolve 3x or 72 hours. Regards, Dave > > Regards, > Dave > >>> >>> Regards, >>> Dave >>> >>>> >>>> That is fair to anyone, does not exclude anyone, does not benefit one >>>> over the other -- it's easy, simple, and the best way to go. Sure, >>>> everyone can create own aliases pointing to that list, but the core is >>>> the same, and that's what matters. >>>> >>>> If you folks now start complaining about we don't trust Apache, we can >>>> answer by complaining you don't trust TDF and so on. It's a horrible >>>> waste of time, it's lame, it does not help anyone, and it makes me doubt >>>> we're talking amongst adults, seriously. >>>> >>>> And, really, all this crap being tossed around about trustworthiness, >>>> upstream, downstream, code similarities and insults is worth not even >>>> the digital paper it's written on. >>>> >>>> I made a simple, plain, and easy proposal. Don't make things overly >>>> complicated, folks. >>>> >>>> Thanks for considering, >>>> Florian >>>> >>>> -- >>>> Florian Effenberger <flo...@documentfoundation.org> >>>> Steering Committee and Founding Member of The Document Foundation >>>> Tel: +49 8341 99660880 | Mobile: +49 151 14424108 >>>> Skype: floeff | Twitter/Identi.ca: @floeff >>>> >>> >>> >> >> >> -- >> Simon Phipps >> +1 415 683 7660 : www.webmink.com >