community-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lefty Leverenz <leftylever...@gmail.com>
Subject Re: Some maturity model comments
Date Thu, 15 Jan 2015 11:05:22 GMT
Oh, duh, it's the maturity model.  Well, in context I found it confusing.

-- Lefty

On Thu, Jan 15, 2015 at 2:22 AM, Lefty Leverenz <leftyleverenz@gmail.com>
wrote:

> In CO10, what does "according to this model" mean?
>
> *CO10*
>
> The project has a well-known homepage that points to all the information
>> required to operate according to this model.
>>
>
> If it means the Apache model, do most project home pages currently point
> to information about Apache operations?
>
> -- Lefty Leverenz
>
>
> On Wed, Jan 14, 2015 at 8:51 AM, Benson Margulies <bimargulies@gmail.com>
> wrote:
>
>> On Wed, Jan 14, 2015 at 11:46 AM, Rob Vesse <rvesse@dotnetrdf.org> wrote:
>> > LC50:
>> >
>> > I think the LC50 is actually correct but could perhaps be phrased better
>> >
>> > My understanding was that the ASF owns the copyright for the collective
>> > work of the project I.e. releases.  As Benson notes contributors retain
>> > copyright on their contributions but grant the ASF a perpetual license
>> to
>> > their contributions
>>
>> I think that the wording should be expanded to mention both aspects.
>>
>> >
>> > QU30:
>> >
>> > Agreed, some projects may not do anything that is attack prone or are
>> > likely only to be run such that any "security" is provided by whatever
>> > runtime they use and the security of that runtime is well beyond the
>> > purview of the project.
>> >
>> > Consensus building:
>> >
>> > Should there be a CS60 about the rare need for private discussions
>> >
>> > CS60:
>> >
>> > In rare situations (typically security, brand enforcement, legal and
>> > personnel discussions) the project may need to first reach consensus in
>> > private in which case the project should use their official private
>> > communications channel such that these rare private discussions are
>> > privately archived.  The outcomes of such consensus should where
>> possible
>> > be discussed in public as soon as it is appropriate to do so.
>> >
>> > That isn't great wording but hopefully you get what I am trying to
>> convey
>> > - projects should rarely discuss in private and any discussions should
>> > become public as soon as it is possible to do so
>> >
>> > Rob
>> >
>> > On 14/01/2015 15:33, "Benson Margulies" <bimargulies@gmail.com> wrote:
>> >
>> >>CD40: perhaps change 'previous version' to 'released version'
>> >>
>> >>CD50: the committer is not necessarily the author; someone might read
>> >>this and not understand what it implies for committers committing
>> >>contributions via all of the channels allowed for by the AL. One patch
>> >>would be 'immediate provenance', another would be some more lengthier
>> >>language about the process.
>> >>
>> >>LC20: do we need to explain what we mean by 'dependencies'? This has
>> >>been a point of friction. Expand or footnote to the distinctions
>> >>between essential and optional?
>> >>
>> >>LC50: the footnote seems wrong; the ASF does not own copyright,
>> >>rather, the author retains, and grants the license.
>> >>
>> >>RE40: do you want to add an explicit statement that legal
>> >>responsibility falls upon the head of the person who happened to run
>> >>the build?
>> >>
>> >>QU20: Maybe we need to expands on 'secure'? Maybe this is too strong?
>> >>What's wrong with building a product that is explicitly not intended
>> >>for use attack-prone environments.
>> >>
>> >>QU40: Not all communities might agree. Some communities might see
>> >>themselves as building fast-moving products. Some communities may lack
>> >>the level of volunteer effort required to satisfy this. Does this make
>> >>them immature, or just a group of volunteers with different
>> >>priorities?
>> >>
>> >>IN10: I fear that a more detailed definition of independence is going
>> >>to be called for here to avoid controversy.
>> >
>> >
>> >
>> >
>>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message