I'd like to invite any security team members who are attending DebConf to the Constantly Usable Testing BoF, Tuesday at 10:30.
http://penta.debconf.org/dc10_schedule/events/681.en.html The purpose of the BoF is to finally explore whether it would make sense to implement the Constantly Usable Testing idea[1], ways to do it, and get feedback and advice from teams that could be affected by it. Way back when, the secure-testing infrastructure was the most important prerequisite for thinking about CUT in the first place. Since all I do for that now is run a cron job :) I am left with questions like these: * Is testing getting security updates frequently enough compared to stable to be able to be promoted to users as "secure"? * How much extra work would be involved in supporting periodic snapshots of testing? * How could having CUT *help* the security team, perhaps by encouraging developers to work faster on security issues in unstable/testing? -- see shy jo [1] http://kitenet.net/~joey/code/debian/cut
signature.asc
Description: Digital signature