Re: tag2upload service architecture and risk assessment - draft v2
Ian Jackson writes ("tag2upload service architecture and risk assessment - draft v2"):
> Thanks for all the comments on the draft service architecture I posted
> in late July. [1] I have made a v2, incorporating the various helpful
> suggestions, and the information from the thread.
It has been a week. I'm not sure whether that means people haven't
looked at the linked documents (I guess there might be some tl;dr
going on).
It would be good to get a review of the risk analysis in particular,
hence this ping. I'd appreciate public follow-ups.
Anyway, I'll leave it at least another week. If anyone wants more
time than that to properly review my proposal, please let me know when
you expect to be able to respond.
If no-one has any comments, then I intend to use this set of documents
as basis for asking for a formal go-ahead before I do a lot of
implementation work (privsep code etc.)
Thanks,
Ian.
> Some respondents raised archive integrity concerns. It seemed best to
> address those more formally, and in a more structured way, than as a
> mailing list subthreads. Accordingly, v2 of my proposal has a formal
> risk assessment, in a format loosely borrowed from health and safety
> management.
>
> I think I have captured in the risk assessment all the risks mentioned
> in the thread, but I may well have missed something. Please let me
> know if you think there is anything which is not covered. Also please
> let me know if any of my analysis seems wrong.
>
> Please find an introduction, and detailed documentation, here:
> https://people.debian.org/~iwj/tag2upload/2019-08-20/
>
> Thanks,
> Ian.
>
> [1] This message and the subsequent thread:
> https://lists.debian.org/debian-devel/2019/07/msg00501.html
--
Ian Jackson <ijackson@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
Reply to: