On Fri, May 16, 2003 at 09:30:46AM -0400, Matt Zimmerman wrote: > > Yes, and funnily enough, uploads to -p-u have to be processed by the > > release manager, either Joey for stable, or me for testing. How's the > > phrase go? "You suggest distributing the workload, and your concrete > > suggestions are exactly the opposite of that." > "So add people." See where this is going? > With t-p-u, any maintainer can upload their package, review the build logs, > fix any problems, re-upload, etc. Why would you want the security team to > do this instead? One of the paragraphs you didn't quote answered that question: > > Again, the security architecture is there for a reason: it's so > > we have a quick, effective way to get security updates out and > > so we can prepare security updates before they've been publically > > announced. testing-proposed-updates simply does not manage either of > > those things, just as stable-proposed-updates doesn't. security.debian.org is setup for security updates -- it's specifically designed to get them out as quickly as possible, to announce them, and to keep the secret if they've not been widely announced. I don't care if *you* are the person that's doing it, or if it's some complete newbie to the security team; what I do care about is not wasting or unnecessarily duplicating the infrastructure we've specifically designed for this job. Cheers, aj -- Anthony Towns <email@example.com> <http://azure.humbug.org.au/~aj/> I don't speak for anyone save myself. GPG signed mail preferred. ``Dear Anthony Towns: [...] Congratulations -- you are now certified as a Red Hat Certified Engineer!''
Description: PGP signature