[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Stable security support

On Thu, Dec 22, 2005 at 11:23:32AM +0100, Adrian von Bidder wrote:
> Ah.  To me, that is quite a bit of the missing piece of information on why 
> you feel this GR is needed.  To me the GR sounds very much wishy-washy, 
> kind of 'let's appoint some people who might then do some work.'  With what 
> you say here, I can see the motivation for this GR.  Also, it becomes 
> clearer as it's apparently not clear whether the security team are 
> delegates - I assumed they were (and feel they should be).

> Maybe - is it time to clear this issue now?

Well, this would not be "skipping over" worrying about the delegation
question, as Anthony suggests.

The only point I see in establishing that existing security team members are
delegates is if you plan for the DPL to rescind their delegate status (or
threaten to, I guess).  That doesn't strike me as a very good method of
helping Debian do better at security updates.

> Back to the topic at hand:  Can't Joeyh, Steve and Micah just be added to 
> the security team[1]

Er... there's quite a difference in scope between "talk to the security team
about existing processes and try to help identify possible improvements" and
"sit on the security team".  I sure haven't agreed to the second, and I
don't think a GR (or unilateral delegation) is a particularly good way to
choose members for a *team*, either.

And for your third option of having the security team invite new members in,
that doesn't exactly help us identify a course of action if the security
team *doesn't* do this?

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/

Attachment: signature.asc
Description: Digital signature

Reply to: