Nicolas Braud-Santoni: Advocate
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I have worked with Nicolas mainly for DebConf organization for a couple of years. He has proven to be knowledgeable, cool-tempered and very valuable for DebConf orga work. Besides DebConf organization, I share with her an interest on the applications of cryptography on the society at large, and we have exchanged many viewpoints. I take her as a very knowledgeable person with clear, sane policies, interesting in pursuing a stronger crypto culture for Debian and elsewhere. While I have not uploaded nor reviewed nicoo's packages, I have been asked by her for several issues - And I can assert that, at least, her practices go way over my own. So, I clearly support Nicolas Braud-Santoni's request for becoming a DD, uploading. -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEq0HBxor9ZoygRev4ZzoD5MHbkh8FAltkdZoACgkQZzoD5MHb kh8FjRAAu/LK326Dy5Re5tcSK1EXEpFEt9J+A+6LwkdI2MpnxI/KoHI2KY2FqLuJ mfE1T2yHcE/93IdMAzlW5xgeztpK3S5oGWMEV7bmLgGUP2bP+360YLByRPdXz7dB VwGuHaS9cKr3mkyfs5lBbPNRXqbvSaW8wIsc2yWarCT4qBXClv4vaLqWYzg4Ynk3 Ielwgk9Ax8YX93XuqoOPJix9W2Js+MRjgETN0VBPjXAPboACYudlMWuIfhgHhTPT bIeCK8xFnWDhVX7xnYFkPE+NGHyW2ShVPg3jlH83ss33ISe6HNp74FvZQKUjWR+y 5BYXhcWsxFEHIdPDHMtvLj8KsE+GOlteIKk0VCWWawQK+MoqvXLXof+U7Ne49Yyd emcJybRiYrsIjalkMWl8JTKTZnYwam53KUeiSjdnWk0sqn1UKmdEf/JiDk9P5j6Y /Db47xMvBWFku/LjazO9J51Uc+QLXy8xF7E0bAyJzjiHTw38jFu53YyAZVu/oza/ GEY0S+MRIlBwvFNFaI7gZ1KbBQciE4/Bm/PiEImkYxNh3mye9z/DPaFe/Lh1/Xw0 b5e/Ogd0gYzznkeLHDnbgJgBP5QWHmkVzu6GVaBiAyxYtxMtZ3kraCEEmuVajyz7 7cfYgLCwzWzCan2Ao3My3t8vr7wquCqvDDQX2wY6Yn/utUvYjCM= =x3pS -END PGP SIGNATURE- Gunnar Wolf (via nm.debian.org) For details and to comment, visit https://nm.debian.org/process/525 -- https://nm.debian.org/process/525
Re: Helen Koike: Declaration of intent
On Fri, Aug 03, 2018 at 05:42:19PM +0800, Helen Koike wrote: > I wasn't sure if I could have guest access, if yes, then fine, but it > seems that casulana is a core machine and it is possible that DSA team > won't give me access if I am not a DD/DD_nu. Not sure, that would be up to DSA, but I can't imagine them turning down somebody if the cd team allow them. > Agreed. My declaration of intent wasn't clear enough, if I understand, > becoming a DD is also about being recognized as an official member and > have a saying in decisions too, please let me know if my understanding > is not correct. Exactly. Once you are a DD (be it uploading or not, it doesn't matter) you gain voting rights for GRs, elections for the Debian Project Leader, access to the debian-private@ ML which contains stuff that are -guess!- private; nothing Earth-shattering, but still I prefer to make sure there are reason people are joining. > I also want to clarify that what Jonathan mentioned is true, I shouldn't > have asked for DM before, this was a mistake. I am not doing any > packaging at the moment so DM or full DD doesn't make sense. So I > changed the application to DD_nu. Incidentally, looks like Jonathan was quicker than my lunch and already assigned an AM to you ^^ > And I also want to clarify I don't have any bad feelings in how this > discussion was driven and again, I really appreciate all the support > people have given to me. Thank you. I've been pointed out that my messages were not quite welcome, and indeed re-reading them I acknowledge I could have written things differently to have them look less like some kind of passive aggression. > List of contributions: > = > Debian-efi team: > > * First proposed solution (Dak byhand scripts for signing): > I implemented several versions of Dak byhand scripts for code signing, > code can be checked at > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821051 > With the respective test cases. > These were really useful to generate discussions between debian efi > team, the ftp masters and the package maintainers (most of the > discussions were on IRC) As I mentioned, I do remember of your interactions in #-ftp. Your determination to get that matter to an end was quite impressive (talking also as a party that is still waiting on them for a different things for years…) > Not much, but as a DD NON-uploader, I thought that interacting with > packages was not the focus. Could you please clarify what a DD_NU is about? See https://www.debian.org/vote/2010/vote_002 which is the relevant GR that introduced non-uploading DD. Pretty much this is about recognizing people that work on Debian but don't do packaging work, therefore they don't need uploading rights to the archive. The fact that you are asking this is not particularly inspiring to me, but considering the surrounding contributions and how many people supports you, I guess it's fine even if you don't know what you are applying for, I suppose… :) > I am in the organization of dc19. So you do dc17+dc18+dc19. According to previous cases, that's enough to be a dd_nu! At any rate, good luck with your NM process! -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
AMs, please refresh question templates
Hi, The question templates get continual minor changes and it's good to ensure you're using the latest ones. If you're an AM, do please pull from the repository from time to time to ensure you're getting these improvements. (A good test for when you last pulled is whether you `git pull` and get an error from anonscm.debian.org...) Thanks, For front desk: -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
Abhijith PA: Advocate
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 For nm.debian.org, at : I support Abhijith PA 's request to become Debian Developer, uploading. I have worked with Abhijith PA on ruby dependencies for diaspora and gitlab (ruby-secure-headers, ruby-state-machines and others). I have also worked with him in maintaining lists.fsci.org.in (a mailman instance for Free Software community). He does his homework well and is thorough in his work. I have personally worked with Abhijith PA (key EF13EA26A698FF35FD7C902E863D4DF2ED9C28EF) for over 2 years time, and I know Abhijith PA can be trusted to be a full member of Debian, and have unsupervised, unrestricted upload rights, right now. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAltkJtEACgkQzh+cZ0US wipZMA/+LarYjBXwHMAgYApBGAwDcLIyl3pBZFGKDqlj+lGyTmq7MRc9fDq37UZG I+IDuYdiV79Hf36ZwXQTGCV3ONBpCE/PAoqkhP7hbBFvDSOOTixwqpHEZgFbaEuX IxIjsDu2fLDQMEPccNS2NFmlVswtAT00lQXbwD84fn60v3Pu6+kN6/loI5i9//Jt UFlCtnZFQyj3G7ZyUagL17qcGdIsyzcfHUgiU9cDeTtjHl87qEcf5jW+1pfMDfSn SD9foYeUXW6qf8cVhan1sFnrWMXY9QFGo1pCDaCWYIqID2uYJif1cGKwdtcJ8xsQ WuV9j3P107bdiad4gEdOL0Gi0XSqpE8sMZj9b5YzezbfaMMkTAyrFl5U7NsAmxXP 2dg6jApO/eKmj+ZoI9ER34QqC/TbsTtUQIAyqeLXIoxGpMep6ZxUe0Mfvg+f2BRg YWF6n4EyNi6n4yff9+yeyTjsRLAh5K7Toq9AOEhc4PDMkTDozWNKKvhLaY8jbeh9 bwW9IgOV+ZOhqSTZyldAOHK36RSA+GbEmw7lnGTvLwls7DHNxbDgzH4sPh2SHyvP oLP1w31PdvMCugw1cmFEiPIcDdrWFgg2AECSkw9ewZPeZvNDOltRIeNPh8hNuium mpXl0dLjLUHnO8RPUnOUII6CG4Ue9Ngk4QRjtnru4fnFEsyW3og= =nl+8 -END PGP SIGNATURE- Praveen Arimbrathodiyil (via nm.debian.org) For details and to comment, visit https://nm.debian.org/process/526 -- https://nm.debian.org/process/526
Ondřej Kobližek: Advocate
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I hereby support Ondřej Kobližek 's request to become Debian Developer, uploading. I have worked with Ondřej Kobližek on some of the OpenStack packages, and his work was very much ok. -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEtKCq/KhshgVdBnYUq1PlA1hod6YFAltkJZMACgkQq1PlA1ho d6bJeg//bMRnP43GI9Zf2eX/7GdgINhspPaGDnR0Z1ZJ73lwWQPVIiZPSo1Adrxj LMFOv6jnuLYf4ZwxjxO8Zxe9fP38HY3DDACXfKFQ+PuPblfTmDeFh6+fDTQt4b0a Se3SesOyUmYArl8ajqrxJK18I6vKEY2B94dSayHzZTkDEERx4678T2gm0FVvkBN8 coscNlPmjgRlLUMzGBJxRu15SMrAnoCKEvTIQLtIVurwWKSJyMaJ8WHdeqXoJg5X kd36yMsnWv7x3xPmcJaUADLbB3IvyG44eqg32iLayVQWjr/WmyDanPY58TEuQIa3 sucGK5OUy+l4zJ2iIxhKMPnTelwGY3nQvJ68NRyHIR5qAc9EXWXhDficPr9M5xWd IXaJdvx+W9iHybY/QmoOjaq7/9ANHMhNNlOPPIYUjKqoC/Pvot/B4KHKEGVNBkaX SryfJj2UDvacNDqA0sqf67eAJjFersFjTvMLT0FZ8orj2hosPZct/8J3ufaggff6 EZEwRjbmiALX8s/rFWWa57PGJFza/nXsHRwq0Vknn8d6bGe5RywF5TI+94/b7xju C+uVnX3jPgWhhXCeUuWlFfswg4WqHrNjwHtB404joBWGcVLrcaO1Fm+F6kSQkUJk yijoE3BsJHYdlYJots70rmIEQiXo+WMbm6BbgmXIjEg6nw6yXOI= =6hYv -END PGP SIGNATURE- Thomas Goirand (via nm.debian.org) For details and to comment, visit https://nm.debian.org/process/524 -- https://nm.debian.org/process/524
Re: Helen Koike: Declaration of intent
On 08/03/2018 05:16 PM, Mattia Rizzolo wrote: > [ Dropping Helen's archives, as this mail is quite "meta" ] > > On Fri, Aug 03, 2018 at 01:45:48PM +0800, Tiago Bortoletto Vaz wrote: >> Thanks Mattia for bringing your concerns (once more :-). Not everyone >> wants to publicly express their worries on particular nm processes, >> maybe to not to sound rude or offensive to our dear new applicants, who >> are obviously in a more 'vulnerable' position at the moment they express >> their wishes to be publicly recognized as (potential) Debian members. > > This is indeed one reason I'm doing it. I often pondered whether to do > it in public or in private, but turns out that most of the time is > indeed some misunderstanding, like in this case, so having everything in > public is IMHO a good thing. I agree, when discussions are public misunderstandings usually go away faster. > >> A few times I've also felt some discomfort with some applicantions, but >> due to some dificulty on chosing my words (in a non-native language) I >> decided just to let it go... > > Remember that in the nm.d.o website there is a field for comments, that > also let people leave confidential comments that are read only by FD. I > can't talk for everybody, but I at least would like to know if anybody > has concerns on a particular applicant. > I'm personally sad to admit that in past when I shared my concerns in > this mail list I felt mostly ignored, when all it would have takes were > some clarifications on the applications... > >> "...please tell something about yourself, how you came to Debian and Free >> Software, and why you want to volunteer your time. Please describe the >> contributions you have made to Debian, your primary areas of interest >> and any goals you wish to accomplish." > > Indeed one of the reason I couldn't understand this Helen's application > was because of her quite terse introduction... Sorry about that, I agree is was a short introduction, mostly because I assumed that the people reading it would be the people that are here in DebConf and know me, this was an assumption I shouldn't make, sorry about that. > >> For instance, here is a recent statement that I think has room for >> improvement: >> >> "As a member of DebConf18 orga team, I has seem Taowa working in Front >> Desk. Because of his hard work, people can get room key, dorm card, AC >> card without any problem. Also for local team, we can trust him to track >> all dorm card in wafer so that we don't lost any of them." >> >> Although I personally think Taowa has a great potential to become a >> valuable Debian member, I'd rather avoid an advocating text that only >> points his work on a particular Debconf. This has a great potential to >> create noise. > > I pretty much ignored such advocacy. Handing out keys is surely > respectable but hardly enough to be project members... > When the dd_nu concept was introduced one reason that was brought on the > table was to recognize people like the DebConf contributors that would > otherwise not be mentioned anywhere. With Taowa being a member of DC17 > and DC18 that was good enough for me to go ahead without much blinking. > As advocacies go, Holger's words were more "useful" than Hector's or > ChangZhuo's, despite not being formally sent through the website. > >> Regarding Helen's case, I've never worked directly with her, but I've >> seen that she has a long term involvement in Debian. I can atest her >> contributions on mentoring, helping with events, giving talks about >> Debian and I'm happy to have had here in DC18 very good references about >> her on the technical side as well. > > Worry not anymore, I'm not blocking her process! :) > My doubts about Helen dissipated, so I'm not concerned anymore. > Also, despite what some people seem to believe I didn't start this > discussion with the direct goal of blocking her (nor with any other > applicant in the past) but to rather understand better the situation> (OK, I > did block Helen's DM application because that was totally odd for > me and didn't make sense, and indeed it was not the correct course of > action, as this discussion proved). > > Let me look for an AM now > Thank you :) Helen signature.asc Description: OpenPGP digital signature
Re: Helen Koike: Declaration of intent
Hi Mattia, [ps: I just realized that you replied again, but I spent so much time writing this that I want to send it now :) ] First of all, I appreciate your concerns and it is good to know that people care about the quality of who is becoming an official member of the project. I also want to thanks all the people who supported me. To clarify a bit more the work I've been doing for Debian, I made a list in the bottom of this email, please check. Other reasons to become a DD_nu: I would like to be recognized as an official member of the project. This have motivational reasons, technical reasons (as mentioned in the debian-cloud team part below) and also I would like to have the right to vote and to have a saying in other decisions. On 08/02/2018 07:58 PM, Mattia Rizzolo wrote: > [ CCing also Helen's other application as DM ] [...] > > Have you considered asking for a guest account? > If you only need access to _certain_ machines, that's quite the easy > scapegoat. Also, it could be granted pretty much instantly. I wasn't sure if I could have guest access, if yes, then fine, but it seems that casulana is a core machine and it is possible that DSA team won't give me access if I am not a DD/DD_nu. Please, see in the list of contributions why I would like access to casulana machine. > > > I was also looking at your DM application indeed, but I consider that > pattern "I believe as [more power level] I [could do something]" is a > dangerous train of thought. You shouldn't be asking for something > because probably maybe at some point it might be handy; rather, you > should be trying to do something and see that you are blocked to do that > thing, or maybe have done so many things by going through somebody (i.e. > sent a relevant ton of good patches) to gain trust. Agreed. My declaration of intent wasn't clear enough, if I understand, becoming a DD is also about being recognized as an official member and have a saying in decisions too, please let me know if my understanding is not correct. > > You say "mainly for the debian-cloud image build process". I don't know > how that's done. If it's about code, I trust the code is public and you > could replicate it, same I hope for the build logs of those build > processes; so is there anything blocking you? Note that I totally > believe already that having access to all the relevant machines is more > handy, but I'd like to understand what's the problem. > Also in the context of allowing more external contributors: if > something like that requires any contributors to be able to ssh to a > .d.o machine, than that's something that ought to be fixed. > > > Furthermore, looking at > https://contributors.debian.org/contributor/koike-guest@alioth/ I can > see only contributions to bugs.d.o, > https://bugs.debian.org/cgi-bin/pkgreport.cgi?correspondent=helen.fornaz...@gmail.com=both > lists only 5 bugs. Personally I consider somebody that interacted with > only 5 bugs in the bts to not have enough knowledge of the bts to be > neither DM nor DD (but that's could easily be just me!). Please, see the list of contributions below regarding BTS. I also want to clarify that what Jonathan mentioned is true, I shouldn't have asked for DM before, this was a mistake. I am not doing any packaging at the moment so DM or full DD doesn't make sense. So I changed the application to DD_nu. And I also want to clarify I don't have any bad feelings in how this discussion was driven and again, I really appreciate all the support people have given to me. List of contributions: = Debian-efi team: * First proposed solution (Dak byhand scripts for signing): I implemented several versions of Dak byhand scripts for code signing, code can be checked at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821051 With the respective test cases. These were really useful to generate discussions between debian efi team, the ftp masters and the package maintainers (most of the discussions were on IRC) * Second proposed solution (signing service + byhand): I implemented the signing box package, the tests and the integration with Dak, those can be checked at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821051#257 * Third proposed solution (signing at buildd + byhands scripts): Helped raising discussions about this, most of the discussion were on IRC and dc17. As we were having several disagreements on the infrastructure regarding signing, I helped organizing a secure boot sprint last year (April 2018). * Forth and final proposed solution (signing service + dak API + template package). During the secure boot sprint, I implemented part of the signing service, together with Luke Faraone: https://salsa.debian.org/ftp-team/code-signing (please check commit history). * debian-efi dc18 report: I organized the secure boot status report talk: Talk:
Re: Helen Koike: Declaration of intent
[ Dropping Helen's archives, as this mail is quite "meta" ] On Fri, Aug 03, 2018 at 01:45:48PM +0800, Tiago Bortoletto Vaz wrote: > Thanks Mattia for bringing your concerns (once more :-). Not everyone > wants to publicly express their worries on particular nm processes, > maybe to not to sound rude or offensive to our dear new applicants, who > are obviously in a more 'vulnerable' position at the moment they express > their wishes to be publicly recognized as (potential) Debian members. This is indeed one reason I'm doing it. I often pondered whether to do it in public or in private, but turns out that most of the time is indeed some misunderstanding, like in this case, so having everything in public is IMHO a good thing. > A few times I've also felt some discomfort with some applicantions, but > due to some dificulty on chosing my words (in a non-native language) I > decided just to let it go... Remember that in the nm.d.o website there is a field for comments, that also let people leave confidential comments that are read only by FD. I can't talk for everybody, but I at least would like to know if anybody has concerns on a particular applicant. I'm personally sad to admit that in past when I shared my concerns in this mail list I felt mostly ignored, when all it would have takes were some clarifications on the applications... > "...please tell something about yourself, how you came to Debian and Free > Software, and why you want to volunteer your time. Please describe the > contributions you have made to Debian, your primary areas of interest > and any goals you wish to accomplish." Indeed one of the reason I couldn't understand this Helen's application was because of her quite terse introduction... > For instance, here is a recent statement that I think has room for > improvement: > > "As a member of DebConf18 orga team, I has seem Taowa working in Front > Desk. Because of his hard work, people can get room key, dorm card, AC > card without any problem. Also for local team, we can trust him to track > all dorm card in wafer so that we don't lost any of them." > > Although I personally think Taowa has a great potential to become a > valuable Debian member, I'd rather avoid an advocating text that only > points his work on a particular Debconf. This has a great potential to > create noise. I pretty much ignored such advocacy. Handing out keys is surely respectable but hardly enough to be project members... When the dd_nu concept was introduced one reason that was brought on the table was to recognize people like the DebConf contributors that would otherwise not be mentioned anywhere. With Taowa being a member of DC17 and DC18 that was good enough for me to go ahead without much blinking. As advocacies go, Holger's words were more "useful" than Hector's or ChangZhuo's, despite not being formally sent through the website. > Regarding Helen's case, I've never worked directly with her, but I've > seen that she has a long term involvement in Debian. I can atest her > contributions on mentoring, helping with events, giving talks about > Debian and I'm happy to have had here in DC18 very good references about > her on the technical side as well. Worry not anymore, I'm not blocking her process! :) My doubts about Helen dissipated, so I'm not concerned anymore. Also, despite what some people seem to believe I didn't start this discussion with the direct goal of blocking her (nor with any other applicant in the past) but to rather understand better the situation. (OK, I did block Helen's DM application because that was totally odd for me and didn't make sense, and indeed it was not the correct course of action, as this discussion proved). Let me look for an AM now -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Helen Koike: Declaration of intent
On Fri, Aug 03, 2018 at 12:39:24AM -0300, Tassia Camoes Araujo wrote: > On Thu, Aug 02, 2018 at 01:58:16PM +0200, Mattia Rizzolo wrote: > > Furthermore, looking at > > https://contributors.debian.org/contributor/koike-guest@alioth/ I can > > see only contributions to bugs.d.o, > > Please do not assume that contributors.d.o is a comprehensive > source of information. Unfortunatelly, we still don't have the means to track > contributions from all sorts, especially those more 'difuse', that happen more > in real life than in code repositories. Of course I do not assume such a thing. But the application talks only about techinical stuff: work with EFI (btw, I do remember her pushing for EFI signing on IRC) and cloud teams. Those are totally things that happen in code repositories. Only one advocacy mentions work on DC19. But anyway, contributors.debian.org was made with the exact porpuse of making traking non-packaging contributions more easily. I recomend anybody that is involved in any of those fields to have a look at it, write up a data source (which is incredibly easy to do) to submit contributions data (iirc there were talks about hooking up something pseudo-directly on salsa, not sure how this progressed). > Helen has act as a Debian advocate and mentor for newbies for a while This wasn't mentioned in the application. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature
Re: Helen Koike: Declaration of intent
On Fri, Aug 03, 2018 at 12:03:53PM +0800, Jonathan Wiltshire wrote: > I think some confusion may have arisen from Helen's application to dm > first and then soon after to dd_nu as well. That was surely one point, especially one (dm) that in my view didn't make any sanse (especially after you wrote she has sufficient sponsorship potential in her teams). > Not all contributions to > Debian are easily seen or involve uploading to the archive, but I am still > keen to recognise them. Of course, that's the goal of dd_nu! I was somewhat taken aback first by the weirdness of the double application, and also because both the declaration of intent and the advocacies could have used with a lot of more details on what she has done, they are all about how generally good Helen is and her potential… Given indeed that is hard to track the work some dd_nu people do (because our tooling pretty much sucks for non-packaging work), more details than a dd_u (for whom looking up their packages is easy) are needed. > dd_nu allows recognition of work in Debian, voting rights and some official > standing; whilst dm means we delegate deciding someone's readiness to > upload limited packages to the archive to those people who work with them > more closely. A detail that may not be known to everybody: since what I believe is less than a year, dd_nu people could be granted DM rights like DMs (as somebody can't be dd_nu and dm at the same time). -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. more about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature