Please see below.

On Wed, Sep 21, 2016 at 4:35 PM, Thierry Carrez <> wrote:
> Chivers, Doug wrote:
>> My concern is with the original wording “The suggested way forward there 
>> would be to remove the "Security project team"”.
>> This seems like a move to instantly reduce investment in OpenStack security, 
>> because the majority of members of the Security Project are corporately 
>> funded, which will be significantly impacted by the removal of the security 
>> project. I have no knowledge over the difference between a working group and 
>> a project, like everyone else on the project we are simply here to 
>> contribute to OpenStack security, drive innovation in security, deliver 
>> documentation like OSSNs, etc, rather than get involved in the politics of 
>> OpenStack.
>> In response to the various questions of why no-one from our project noticed 
>> that we didn’t have a nomination for the PTL, we assumed that was taken care 
>> of. Realistically maybe two or three people on the security project have the 
>> availability to be PTL, one being our current PTL, for all the rest of us 
>> its simply not a concern until we need to vote.
>> On a personal note, reading –dev is unfortunately a lower priority than 
>> designing architectures, responding to customers and sales teams, closing 
>> tickets, writing decks and on the afternoon or so I can spend each week, 
>> working on my upstream projects (this week it was: 
>> - thanks to the Barbican team for 
>> all their work). Possibly this is wrong, but I didn’t sign up as a 
>> contributor to spend all my spare time reading mailing lists.
> So while I still think there is a slight disconnect (like, members of
> the security team are less often involved in other teams) that results
> in the Security team being more likely to miss the very few process
> deadlines that apply to them, I'm not convinced it justifies removing
> the "official" status of the team and make it a workgroup.
> I privately received information that explains why the PTL was not on
> top of things during election weeks. With ~60 teams around there will
> always be one or two that miss and that we must check on. It /always/ is
> symptomatic of /some/ disconnect. But here I'm not sure it passes the
> bar of "non-alignment with the community" that would make the Security
> team unfit to be an official OpenStack team...

I agree with your assessment Thierry and will support keeping the
Security Team as an official OpenStack Team.

> --
> Thierry Carrez (ttx)
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe:

Davanum Srinivas ::

OpenStack Development Mailing List (not for usage questions)

Reply via email to