Chivers, Doug wrote:
> My concern is with the original wording “The suggested way forward there 
> would be to remove the "Security project team"”. 
> This seems like a move to instantly reduce investment in OpenStack security, 
> because the majority of members of the Security Project are corporately 
> funded, which will be significantly impacted by the removal of the security 
> project. I have no knowledge over the difference between a working group and 
> a project, like everyone else on the project we are simply here to contribute 
> to OpenStack security, drive innovation in security, deliver documentation 
> like OSSNs, etc, rather than get involved in the politics of OpenStack.
> In response to the various questions of why no-one from our project noticed 
> that we didn’t have a nomination for the PTL, we assumed that was taken care 
> of. Realistically maybe two or three people on the security project have the 
> availability to be PTL, one being our current PTL, for all the rest of us its 
> simply not a concern until we need to vote.
> On a personal note, reading –dev is unfortunately a lower priority than 
> designing architectures, responding to customers and sales teams, closing 
> tickets, writing decks and on the afternoon or so I can spend each week, 
> working on my upstream projects (this week it was: 
> - thanks to the Barbican team for 
> all their work). Possibly this is wrong, but I didn’t sign up as a 
> contributor to spend all my spare time reading mailing lists.

So while I still think there is a slight disconnect (like, members of
the security team are less often involved in other teams) that results
in the Security team being more likely to miss the very few process
deadlines that apply to them, I'm not convinced it justifies removing
the "official" status of the team and make it a workgroup.

I privately received information that explains why the PTL was not on
top of things during election weeks. With ~60 teams around there will
always be one or two that miss and that we must check on. It /always/ is
symptomatic of /some/ disconnect. But here I'm not sure it passes the
bar of "non-alignment with the community" that would make the Security
team unfit to be an official OpenStack team...

Thierry Carrez (ttx)

OpenStack Development Mailing List (not for usage questions)

Reply via email to