On 2017-10-27 15:30:34 +0200 (+0200), Thierry Carrez wrote: [...] > I think the Security project team would benefit from becoming a > proper SIG. [...]
I tend to agree, though it's worth also considering what the implications are for vulnerability management under the new model. The VMT tended to act as an independent task force in the beforetime, until the big t^W^Wproject reform of 2014, and then allied itself with the newly-formed Security Team while continuing operation autonomously under a fairly independent mandate. Does this still make sense in a Security SIG context, or should we be considering alternative (perhaps more formal?) governance for the VMT in that scenario? I don't have especially cogent thoughts around this yet, so interested to hear what others in the community think. -- Jeremy Stanley
signature.asc
Description: Digital signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
