1. Identification & Account Data
--------------------------------
First name: Michael
Last name: Gilbert
Key fingerprint: 1FBB 8F04 9963 FA03 2C3D AD88 A784 FF77 0F0F 4FFA
Account: mgilbert
Forward email: michael.s.gilbert@gmail.com
ID check passed, key signed by 2 existing developers:
Output from keycheck.sh:
pub 8192R/0F0F4FFA 2009-08-13 [expires: 2019-08-11]
Key fingerprint = 1FBB 8F04 9963 FA03 2C3D AD88 A784 FF77 0F0F 4FFA
uid Michael Gilbert <michael.s.gilbert@gmail.com>
sig! 6E76D81D 2010-08-01 Sean Finney <seanius@seanius.net>
sig! 4E2ECA5A 2010-08-03 Moritz Muehlenhoff <jmm@debian.org>
sig!3 0F0F4FFA 2009-08-13 Michael Gilbert
<michael.s.gilbert@gmail.com>
sub 8192R/02D6F473 2009-08-13 [expires: 2019-08-11]
sig! 0F0F4FFA 2009-08-13 Michael Gilbert
<michael.s.gilbert@gmail.com>
sub 8192R/97CB91C3 2009-08-13 [expires: 2019-08-11]
sig! 0F0F4FFA 2009-08-13 Michael Gilbert
<michael.s.gilbert@gmail.com>
Key is OpenPGP version 4 or greater.
Key has 8192 bits.
Valid "e" flag, expires Sun 11 Aug 2019 02:15:05 CEST.
Valid "s" flag, expires Sun 11 Aug 2019 02:15:05 CEST.
2. Background
-------------
Applicant writes:
My name is Michael Gilbert. I'm a 32 year-old student working toward my PhD in
electrical engineering at Ohio State University in the United States of
America. The primary focus of my research is computational elecromagnetics.
I'm a heavy user of python, numpy, scipy, tex, and matplotlib supporting that,
but my Debian work hasn't been in that area at all. When I'm at home I'm more
interested in games, computer security, web browsers, and general issues/bugs
that I come across.
I submitted my first Debian bug report way back in 2004, which seems like an
eternity ago now. But anyway, my first installation was at that time, and I
ended up finding and submitting a lot of d-i bugs. This was when sarge was
under development and d-i was brand new, so there were a lot of things to
find.
I felt my first sense of accomplishment in 2005 after spending quite a while
trying to figure out why I could install over wifi on a particular laptop that
I had at the time, but networking wouldn't work after rebooting (bug #291144).
After days and days fiddling with the installer, I found that it my
firewire device wasn't getting discovered appropriately. I felt really good
after working hard to find and ultimately provide enough info to be able to
fix this problem. That hardware was very common Dell inspiron laptop, and
afterwards it was known as a really solid platform for running Debian.
Anyway, that sense of accomplishment really got me started on my path to
contributing.
In 2008, I started to get more interested in computer security, and wanted to
find out what specifically I could do to increase the security of my systems,
so I started following various security mailing lists and conveying what I saw
there via bug reports and patches to Debian. Those are far too numberous to
list here. See bugs tagged security on my bts page.
Overall, I have submitted over 800 bug reports to the Debian bts over the past
seven years, which seems like an insanely large number. A lot of those
(probably over 500) were security issues that were quickly fixed by
maintainers
(or more often the security team or myself) thanks to getting the issue
appropriately categorized and triaged.
Last year, I started building and providing monthly testing snapshot releases,
which address part of the Constantly Usable Testing (CUT) project's goals
(i.e. making testing installable at all times and releasing snapshots
regularly) . These also provide a more rapid semi-stable releases and support
newer hardware thanks to the newer kernels from testing. The approach is also
incredibly simple. I just build d-i cd images from snapshot.debian.org for
each four-times daily testing snapshot archived there, and patch the installer
to only pull packages from that snapshot.
At various times, I've been involved on the debian-release, debian-mentors,
debian-security, debian-security-tracker, debian-games, and debian-devel
mailing lists. I hang out in the debian-security, debian-release, and
debian-games channel. I just recently attended DebConf 10 in New York city
last year.
One thing that I would like to work on after becomming a DD is to improve the
mentorship/growth/contribution process in Debian; for example, I would like to
start treating RFSs as bugs so its much clearer what open tasks need work [2].
I would also like to continue working on improving security and the security
tracker; as well as package hardening.
3. Philosophy and Procedures
-----------------------------
Mike has a good understanding of Debian's philosophy and procedures
and answered all my questions about the social contract,
DFSG, BTS, etc. in a good way. He committed to uphold the SC and DFSG
in his Debian work and accepts the DMUP.
4. Tasks and Skills
-------------------
Mike has a good understanding of the technical side of Debian.
He is maintainer of ghostscript, xpdf, chromium-browser, amongst
others. All packages are in good shape. He's also very active with
handling security issues in Debian.
He also answered my other questions regarding T&S without problems
and provided patches for RC bugs.
I feel it's important to acknowledge here the thread on debian-newmaint
entitled "negative vote for maintainer Michael Gilbert". I've taken note of
the complaints raised in that thread. However, as I've also responded in
the thread, I do not believe the complaints have enough merit to lead to a
veto for this maintainer. I feel strengthened in this position by the
several DD's in the thread that have responded.
In my interactions with him and previous encounters in the security team
I've constantly had the impression that he's technically competent. He was
very enthousiastic and has taken on much work. I got the impression that in
the past out of enthousiasm he'd taken on just a few tasks too many, which
concern I've raised with him and which he understood.
5. Recommendation
-----------------
I recommend to accept Michael Gilbert as a Debian Developer.
Attachment:
signature.asc
Description: This is a digitally signed message part.