[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Developers vs Uploaders



Anthony Towns schrieb:
> My theory is that we should do something like this:
> 
>      1) create a class of contributors called "debian maintainers"

Just a few thoughts. Please note that I'm still undecided whether I like
your idea or not.

My first thought: do we really need this new class of contributors? I
mean how many people do you currently know fitting in this category
(don't like to become DD just maintainers). I guess there will be some,
but I think the amount of people should be high enough to legitimate
such a big change in our infrastructure.

My second thought: Should we really allow anonymous people to upload
packages? Shouldn't they at least prove that they are who they claim to
be (via gpg-key singed by an existing DD)?

Who is responsible if a maintainer uploads malware, the one who
recommended him? Can we really expect those DDs to take full
responsibility if they aren't forced to check every package like they
currently have to do when sponsoring?

What is our current NM-process for? Especially all those tests you have
to go through. Is it just for the right to vote and the access to our
machines?

Again, those are just a few questions which came to my mind after I read
your proposal, it does not mean that I'm against it.

Oh, and will there be a vote about this issue or is it still in the
discussion-phase or is it already decided?


Cheers,

Bastian

-- 
Bastian Venthur                                      http://venthur.de
Debian Developer                                 venthur at debian org



Reply to: