Re: Stable security support

To: Steve Langasek <vorlon@debian.org>, debian-project@lists.debian.org
Subject: Re: Stable security support
From: Adrian von Bidder <avbidder@fortytwo.ch>
Date: Thu, 22 Dec 2005 12:34:40 +0100
Message-id: <[🔎] 200512221234.40656.avbidder@fortytwo.ch>
In-reply-to: <[🔎] 20051222110815.GC7648@tennyson.dodds.net>
References: <[🔎] 20051220183337.GB13699@localhost.localdomain> <[🔎] 200512221123.32828.avbidder@fortytwo.ch> <[🔎] 20051222110815.GC7648@tennyson.dodds.net>

On Thursday 22 December 2005 12.08, Steve Langasek wrote:
> On Thu, Dec 22, 2005 at 11:23:32AM +0100, Adrian von Bidder wrote:
> > Ah.  To me, that is quite a bit of the missing piece of information on
> > why you feel this GR is needed.  To me the GR sounds very much
> > wishy-washy, kind of 'let's appoint some people who might then do some
> > work.'  With what you say here, I can see the motivation for this GR. 
> > Also, it becomes clearer as it's apparently not clear whether the
> > security team are delegates - I assumed they were (and feel they should
> > be).
> >
> > Maybe - is it time to clear this issue now?
>
> Well, this would not be "skipping over" worrying about the delegation
> question, as Anthony suggests.

Correct.

> The only point I see in establishing that existing security team members
> are delegates is if you plan for the DPL to rescind their delegate status
> (or threaten to, I guess).

Or to propose that the DPL just delegates the people to the tasks aj 
proposed.  For me, this requires clearing the status of the current secteam 
members, because I don't think having 'delegated secteam members' alongside 
'pre-delecation secteam members with unclear status' is a good idea.

> > Back to the topic at hand:  Can't Joeyh, Steve and Micah just be added
> > to the security team[1]
>
> Er... there's quite a difference in scope between "talk to the security
> team about existing processes and try to help identify possible
> improvements" and "sit on the security team".  I sure haven't agreed to
> the second,

Point taken.

> and I don't think a GR (or unilateral delegation) is a 
> particularly good way to choose members for a *team*, either.

Nobody talked about unilateral.  See the disclaimer both aj and I mentioned?

Actually one of the reason I don't feel a GR should be used here is that I 
feel that would exactly be an unilateral action, potentially antagonizing 
the current security team.  At least until that the current secteam 
indicates that this GR is welcome to them.

cheers
-- vbi

-- 
Beware of the FUD - know your enemies. This week
    * The Alexis de Toqueville Institue *
http://fortytwo.ch/opinion/adti

Attachment: pgpOXChE5HLva.pgp
Description: PGP signature

Reply to:

References:
- Stable security support
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: Stable security support
  - From: Adrian von Bidder <avbidder@fortytwo.ch>
- Re: Stable security support
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: Experiment: poll on "switching to vim-tiny for standard vi?"
Next by Date: Re: Stable security support
Previous by thread: Re: Stable security support
Next by thread: Re: Stable security support
Index(es):
- Date
- Thread