> On 18 Jun 2016, at 04:06, Brett Cannon <br...@python.org> wrote: > > Do we need a security SIG? E.g. would people like Christian and Cory like to > have a separate place to talk about the ssl stuff brought up at the language > summit?
Honestly, I’m not sure what we would gain. Unless that SIG is empowered to take action, all it will be is a factory for generating arguments like this one. It will inevitably be either a toxic environment in itself, or a source of toxic threads on python-dev as the security SIG brings new threads like this one to the table. It should be noted that of the three developers that originally stepped forward on the security side of things here (myself, Donald, and Christian), only I am left subscribed to python-dev and nosy’d on the relevant issues. Put another way: each time we do this, several people on the security side burn themselves out in the thread and walk away (it’s possible that those on the other side of the threads do too, I just don’t know those people so well). It’s hard to get enthusiastic about signing people up for that. =) Cory
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
