Re: Security support proposed workflow for the very-old-stable (was: Dreamhost dumps Debian)
On Tue, Aug 20, 2013 at 09:33:52PM +0200, Thomas Goirand wrote:
> My initial idea wasn't to never *impose* the extended security
> maintenance to all DDs. Instead, we could do it on a best-effort basis,
> collectively. Meaning that anyone willing to do security fixes for the
> EOL distribution (one year after stable is released) could do so through
> a special repository. [...]
> This effort could be done experimentally to start with, through a
> non-official debian.net repository, when Squeeze will be EOL. Then if it
> works well for the next 2 years after Squeeze is EOL, then probably we
> can make it a bit more official.
There's a practical consideration from starting with mostly-official:
old systems won't configure themselves to use your repository, and in the
real world, they don't even care about such details like no security
support. The box does still work? It can stay.
Thus it might be good to host the best-effort repository on, or 302ed from,