also sprach Henrique de Moraes Holschuh <hmh@debian.org> [2005.08.27.1720 +0200]: > Huh? They probably do, for all I know. Whether they have people > they trust for the job right now is something else, though. We > can probably expect It's hard to tell for the requirements are not publicly available. This means that it's impossible for anyone to actually work towards the goal of helping the stable security team. > that some people will be promoted from the testing security team > to the stable one in a reasonable timeframe (some months) without > much fuss. Some months is not a reasonable time frame for something like security; ever additional day hurts the project reputation severely, at least here in Germany and Switzerland. I have clients (one of which is a major German bank) voicing their concerns and considering switching away from Debian to Solaris because of the security fiascos. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer and author: http://debiansystem.info `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP (sub)keys? Use subkeys.pgp.net as keyserver! there are only 10 types of people in the world: those who understand binary and those who don't.
Attachment:
signature.asc
Description: Digital signature (GPG/PGP)