[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Constitutional Amendment GR: Handling assets for the project

Anthony Towns <aj@azure.humbug.org.au> writes:
> Again, if someone wants to volunteer to help get this right, please
> stick your hand up.

I haven't been following this thread too well lately, but what are
your thoughts on this? I'm willing to volunteer, as I do have some
experience in non-professional accounting and auditing (I'm not an
accounting or auditing professional but do have about 20 years of
experience in doing accounting and auditing for non-profit
organizations of various sizes).

My understanding is that there are three kinds of assets Debian has
(held in trust by SPI): monetary, hardware and IP. A trivial way of
auditing these is as follows (this is from a Finnish perspective, US
may do things differently).

Monetary assets: Bank statements for the auditing period provide
enough information in the normal case.

Hardware: For servers on the Internet, SSH access to those should
provide enough information as to their configuration.

IP: This requires a bit more work (I admit I have little experience in
this field). I'd say that a statement from the board as to what has
been done to protect the IP, including any applications made to the
proper authorities, would be a good start.

* Sufficiently advanced magic is indistinguishable from technology (T.P)  *
*           PGP public key available @ http://www.iki.fi/killer           *

Reply to: