incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: PMC report for October 2011
Date Wed, 12 Oct 2011 16:39:41 GMT
I confess that I am having trouble extracting concrete actionables from Ross's request.  I
need to reread the thread from the beginning.

One thing, off-hand.  I believe the commitment is to support mutual security concerns via
security@ OO.o or any successor, not via some special arrangement with TDF security.  On behalf
of that, ooo-security@ has become an observer at security@ OO.o.  Having members on security@
OO.o has not yet been established.  It is also proposed to stabilize custodianship of security@
OO.o using Apache hosting.  That will require ensuring that treatment of all participants
on security@ shall be even-handed and professional, and demonstrating that Apache can be counted
on for that.

If that is a matter that the Board might wish to be aware of, it might be said more succinctly.

Also, I would recommend that, because the start-up of something so challenging as AOOo is
so daunting, and the fact that IP clearance work is ongoing, that the OpenOffice.org podling
be kept on monthly reporting for the quarterly reporting cycle the podling is now in.

 - Dennis




-----Original Message-----
From: Ross Gardler [mailto:rgardler@opendirective.com] 
Sent: Wednesday, October 12, 2011 06:05
To: ooo-dev@incubator.apache.org
Subject: Re: PMC report for October 2011

On 12 October 2011 13:51, Rob Weir <robweir@apache.org> wrote:
> On Wed, Oct 12, 2011 at 6:34 AM, Ross Gardler
> <rgardler@opendirective.com> wrote:
>> Before I sign off I'd like to see the report address external
>> communications explicitly.
>>
>> The project has a real problem right now with asserting itself as the
>> OpenOffice.org project and defining how it will interact with
>> downstream projects. Is the community going to take ownership of this?
>>
>> It would be nice to see a statement from the PPMC making it explicit
>> what they wish to tackle and, where possible, how. For example, after
>> a flurry of discussion about improved security reporting processes and
>> collaboration opportunities is the PPMC going to deliver or will this
>> just die down and go away?
>>
>
> In that other long thread -- and it is understandable if you missed
> this -- I said:

I did see your statement, I'm hoping the PPMC will rally behind it in
time to be able to put it something like it in the board report and
make it official ;-)

I didn't comment on your original proposal, as I don't have the time
to monitor another mailing list (nor the skills in the case of
security issues).  Others might be interested in helping, but they
won't see it in that thread.

> So I'm proposing that a couple Apache members step up to the plate on
> this as well.  What do you say?

If you feel this is important than flag it in the board report. Part
of the purpose of the board report is to indicate what the foundation
as a whole can do to help the project. It is true that your mentors
are here to help realise that, and in this case the board will
probably just assume the mentors are helping. However, when you are a
top level project that will not be the case. Hence my suggestion that
this might be appropriate for your report. It is a community issue
that would benefit from the experience we can find at board level.

Please note, however, that my request was not solely about security
issues, it's also about management of press around the project and its
trademarks. If you are not yet ready to make a statement about that
then that's fine, but we probably want to think about it in the
future.

Ross


Mime
View raw message