1. Identification & Account Data -------------------------------- First name: Michael Last name: Gilbert Key fingerprint: 1FBB 8F04 9963 FA03 2C3D AD88 A784 FF77 0F0F 4FFA Account: mgilbert Forward email: michael.s.gilbert@gmail.com ID check passed, key signed by 2 existing developers: Output from keycheck.sh: pub 8192R/0F0F4FFA 2009-08-13 [expires: 2019-08-11] Key fingerprint = 1FBB 8F04 9963 FA03 2C3D AD88 A784 FF77 0F0F 4FFA uid Michael Gilbert <michael.s.gilbert@gmail.com> sig! 6E76D81D 2010-08-01 Sean Finney <seanius@seanius.net> sig! 4E2ECA5A 2010-08-03 Moritz Muehlenhoff <jmm@debian.org> sig!3 0F0F4FFA 2009-08-13 Michael Gilbert <michael.s.gilbert@gmail.com> sub 8192R/02D6F473 2009-08-13 [expires: 2019-08-11] sig! 0F0F4FFA 2009-08-13 Michael Gilbert <michael.s.gilbert@gmail.com> sub 8192R/97CB91C3 2009-08-13 [expires: 2019-08-11] sig! 0F0F4FFA 2009-08-13 Michael Gilbert <michael.s.gilbert@gmail.com> Key is OpenPGP version 4 or greater. Key has 8192 bits. Valid "e" flag, expires Sun 11 Aug 2019 02:15:05 CEST. Valid "s" flag, expires Sun 11 Aug 2019 02:15:05 CEST. 2. Background ------------- Applicant writes: My name is Michael Gilbert. I'm a 32 year-old student working toward my PhD in electrical engineering at Ohio State University in the United States of America. The primary focus of my research is computational elecromagnetics. I'm a heavy user of python, numpy, scipy, tex, and matplotlib supporting that, but my Debian work hasn't been in that area at all. When I'm at home I'm more interested in games, computer security, web browsers, and general issues/bugs that I come across. I submitted my first Debian bug report way back in 2004, which seems like an eternity ago now. But anyway, my first installation was at that time, and I ended up finding and submitting a lot of d-i bugs. This was when sarge was under development and d-i was brand new, so there were a lot of things to find. I felt my first sense of accomplishment in 2005 after spending quite a while trying to figure out why I could install over wifi on a particular laptop that I had at the time, but networking wouldn't work after rebooting (bug #291144). After days and days fiddling with the installer, I found that it my firewire device wasn't getting discovered appropriately. I felt really good after working hard to find and ultimately provide enough info to be able to fix this problem. That hardware was very common Dell inspiron laptop, and afterwards it was known as a really solid platform for running Debian. Anyway, that sense of accomplishment really got me started on my path to contributing. In 2008, I started to get more interested in computer security, and wanted to find out what specifically I could do to increase the security of my systems, so I started following various security mailing lists and conveying what I saw there via bug reports and patches to Debian. Those are far too numberous to list here. See bugs tagged security on my bts page. Overall, I have submitted over 800 bug reports to the Debian bts over the past seven years, which seems like an insanely large number. A lot of those (probably over 500) were security issues that were quickly fixed by maintainers (or more often the security team or myself) thanks to getting the issue appropriately categorized and triaged. Last year, I started building and providing monthly testing snapshot releases, which address part of the Constantly Usable Testing (CUT) project's goals (i.e. making testing installable at all times and releasing snapshots regularly) . These also provide a more rapid semi-stable releases and support newer hardware thanks to the newer kernels from testing. The approach is also incredibly simple. I just build d-i cd images from snapshot.debian.org for each four-times daily testing snapshot archived there, and patch the installer to only pull packages from that snapshot. At various times, I've been involved on the debian-release, debian-mentors, debian-security, debian-security-tracker, debian-games, and debian-devel mailing lists. I hang out in the debian-security, debian-release, and debian-games channel. I just recently attended DebConf 10 in New York city last year. One thing that I would like to work on after becomming a DD is to improve the mentorship/growth/contribution process in Debian; for example, I would like to start treating RFSs as bugs so its much clearer what open tasks need work [2]. I would also like to continue working on improving security and the security tracker; as well as package hardening. 3. Philosophy and Procedures ----------------------------- Mike has a good understanding of Debian's philosophy and procedures and answered all my questions about the social contract, DFSG, BTS, etc. in a good way. He committed to uphold the SC and DFSG in his Debian work and accepts the DMUP. 4. Tasks and Skills ------------------- Mike has a good understanding of the technical side of Debian. He is maintainer of ghostscript, xpdf, chromium-browser, amongst others. All packages are in good shape. He's also very active with handling security issues in Debian. He also answered my other questions regarding T&S without problems and provided patches for RC bugs. I feel it's important to acknowledge here the thread on debian-newmaint entitled "negative vote for maintainer Michael Gilbert". I've taken note of the complaints raised in that thread. However, as I've also responded in the thread, I do not believe the complaints have enough merit to lead to a veto for this maintainer. I feel strengthened in this position by the several DD's in the thread that have responded. In my interactions with him and previous encounters in the security team I've constantly had the impression that he's technically competent. He was very enthousiastic and has taken on much work. I got the impression that in the past out of enthousiasm he'd taken on just a few tasks too many, which concern I've raised with him and which he understood. 5. Recommendation ----------------- I recommend to accept Michael Gilbert as a Debian Developer.
Attachment:
signature.asc
Description: This is a digitally signed message part.