On 10/25/2011 3:54 PM, Dennis E. Hamilton wrote:
Rob,
It is an interesting social observation that distrust is not
exemplary of being trustworthy. (Distrust is a kind of permission to
be righteously untrustworthy, as is too easily demonstrated in world
affairs as well as closer to home in regard to specific events
already discussed on this list.)
In my thinking, the first act of being trustworthy is being trusting
of those you want to recognize you as trustworthy.
Similarly, the first act towards having an efficient, friendly, and
healthy community mailing list is to both ensure that one tries to write
in a friendly and welcoming manner, and ensure that one focuses on
engaging with community members who show promise of doing real work for
this community.
I have to say that the amount of poor behavior on this list is
astounding; both from committers within the community, and also from a
number of people who (as best I can tell) have no plans of becoming
committers within this community.
Enough about that.
I do want to disassociate AOOo from the ASF record over the years.
That is not the AOOo record. AOOo is not even six months old. AOOo
needs to establish its trustworthiness the old-fashioned way, and it
is not by inheritance or even by association. Not yet.
I agree that trust does take time to build. However while AOOo may be
new - especially in the number of people with a history in OOo code in
the past - it is also part of the ASF.
While the ooo-security@ delegates of the AOOo PPMC are expected to do
the right things and handle security issues for the AOOo project, the
long-running Apache Security Team is there to provide advice and counsel
on processes and expertise. The Apache Security Team is also there to
ensure that the ooo-security@ list - and any potentially ASF hosted
securityteam@ list - is run in an appropriately secure and even handed
fashion.
http://www.apache.org/security/
- Shane
