incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Crossley <cross...@apache.org>
Subject Re: [PROPOSAL] Sentry for Incubator
Date Fri, 02 Aug 2013 00:46:59 GMT
Shreepadma Venugopalan wrote:
> Thanks for your feedback, Marvin.
> 
> We can defer creating the user list for a while.
> 
> Since Sentry is a security project, we expect security holes to be reported
> and we'd like to keep those discussions on a private list. I understand
> private@ is meant for private PMC discussions. Since the context and the
> membership is different, we'd like to keep the security and PMC discussions
> on separate lists.

See:
http://www.apache.org/security/

There is a useful mention of mail lists at the end of
http://www.apache.org/security/committers.html

-David

> Regards.
> Shreepadma
> 
> On Wed, Jul 31, 2013 at 10:02 AM, Marvin Humphrey <marvin@rectangular.com>wrote:
> 
> > On Tue, Jul 30, 2013 at 12:39 AM, Bertrand Delacretaz
> > <bdelacretaz@apache.org> wrote:
> >
> > > IMO a more diverse set of mentors affiliations would be better
> >
> > +1
> >
> > I'd also like to ask about the email list configuration.
> >
> >     * private@sentry.incubator.apache.org for private PMC discussions
> > (with
> >       moderated subscriptions)
> >     * security@sentry.incubator.apache.org for private security related
> >       discussions
> >     * dev@sentry.incubator.apache.org
> >     * commits@sentry.incubator.apache.org
> >     * user@sentry.incubator.apache.org
> >
> > We've started suggesting that user list creation be deferred for a while --
> > see <http://wiki.apache.org/incubator/MailingListOptions>.  However, in
> > this
> > case, it looks like the incoming project is already pretty big, so a user
> > list
> > may indeed be justified up front.  For what it's worth, I tried to see what
> > kind of traffic was on the existing "Access" list, but it seems that signup
> > was required to view the list archives.
> >
> > The other thing I'd like to ask about is the rationale for separating out
> > security@ from private@.  A handful of Apache TLPs have dedicated
> > security@
> > lists, and I don't object; I'd just like to hear, because I'd like to add a
> > section on security@ lists to the MailingListOptions page.
> >
> > Oh, and naturally the security@ list will need moderated subscriptions
> > like
> > the private@ list. ;)
> >
> > Marvin Humphrey
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: general-help@incubator.apache.org
> >
> >

---------------------------------------------------------------------
To unsubscribe, e-mail: general-unsubscribe@incubator.apache.org
For additional commands, e-mail: general-help@incubator.apache.org


Mime
View raw message