incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: [proposal] Neutral / shared security list ...
Date Tue, 25 Oct 2011 22:44:48 GMT
Dave, if you are going to do that, just relabeling a thread is not helpful.

Please compose a specific concrete proposal under a [DISCUSS], and announce the duration and
end-time for a lazy consensus at the top.

Give it at least 3 full 24-hour calendar days. 

I don't have any sense that there is alignment yet, but there may be in that time and I am
happy to be mistaken.  Then at the end, if there is a consensus, please report what it is.

 - Dennis

-----Original Message-----
From: Dave Fisher [mailto:dave2wave@comcast.net] 
Sent: Tuesday, October 25, 2011 15:35
To: ooo-dev@incubator.apache.org
Cc: floeff@documentfoundation.org
Subject: Re: [proposal] Neutral / shared security list ...

Hi -

Sorry to reply to myself.

Even though there are choices in this email. Please view it as a proposal. Where we are seeking
lazy consensus.

On Oct 25, 2011, at 3:26 PM, Dave Fisher wrote:

> On Oct 25, 2011, at 3:18 PM, Simon Phipps wrote:
> 
>> On Wed, Oct 26, 2011 at 12:04 AM, Dave Fisher <dave2wave@comcast.net> wrote:
>> 
>>> 
>>> Agreed. We need to pick a neutral domain name. office-security.org is
>>> apparently free.
>>> 
>>> Some institution needs to buy domain registration. I've been the volunteer
>>> registrar for a social groups domain, it is a pain to transition. This needs
>>> to be an institution, it could be Team OOo?
>>> 
>> 
>> I think they are too close to the matter.  SPI exists specifically to hold
>> assets in trust - perhaps they would hold the registration for us all?  If
>> we agree I'd be happy to volunteer to contact them.
>> 
>> It's also possible we could ask OSI to do it - Jim Jagielski and I are both
>> on the Board at present.
> 
> These are both interesting ideas.

The proposal is to pick a domain and get registration  Simon volunteers to help.


> 
>> 
>> 
>>> 
>>> An ISP for hosting the private ML needs to be selected. Dennis suggests
>>> that the ASF could be that ISP for free. 
> 
> <slight snip/>
> 
> And:
> 
> <insert>
> 
> On Oct 25, 2011, at 2:51 PM, Florian Effenberger wrote:
> 
> <snip/>
> 
>> 
>> If we basically agree that such a list as outlined by me is a way to go, I am happy
to ask a friend of mine who has a very good reputation in being a mail server, mailing list
and security expert, with a very good track record, including all sorts of certifications.
He is offering e-mail services as business.
>> 
>> I just don't want to spread the name publically without asking him first, and I don't
want to ask him, before we have some common understanding. :-)
>> 
> 
> 
> </insert>

The proposal is for the exiting securityteam to choose, the above are two possibilities.


> 
> 
>>> 
>>> securityteam@oo.o is migrated to whatever the new list is, and those
>>> people start administrating.
>>> 
>>> I think it is very important for the public to know who all of the projects
>>> are on the shared ML.

I propose that this shared security team provide a list of participating peers to the public.

>>> 
>>> Are we done already :-)
> 
> Let's let the world revolve to see if we have some Consensus.

Revolve 3x or 72 hours.

Regards,
Dave

> 
> Regards,
> Dave
> 
>>> 
>>> Regards,
>>> Dave
>>> 
>>>> 
>>>> That is fair to anyone, does not exclude anyone, does not benefit one
>>>> over the other -- it's easy, simple, and the best way to go. Sure,
>>>> everyone can create own aliases pointing to that list, but the core is
>>>> the same, and that's what matters.
>>>> 
>>>> If you folks now start complaining about we don't trust Apache, we can
>>>> answer by complaining you don't trust TDF and so on. It's a horrible
>>>> waste of time, it's lame, it does not help anyone, and it makes me doubt
>>>> we're talking amongst adults, seriously.
>>>> 
>>>> And, really, all this crap being tossed around about trustworthiness,
>>>> upstream, downstream, code similarities and insults is worth not even
>>>> the digital paper it's written on.
>>>> 
>>>> I made a simple, plain, and easy proposal. Don't make things overly
>>>> complicated, folks.
>>>> 
>>>> Thanks for considering,
>>>> Florian
>>>> 
>>>> --
>>>> Florian Effenberger <floeff@documentfoundation.org>
>>>> Steering Committee and Founding Member of The Document Foundation
>>>> Tel: +49 8341 99660880 | Mobile: +49 151 14424108
>>>> Skype: floeff | Twitter/Identi.ca: @floeff
>>>> 
>>> 
>>> 
>> 
>> 
>> -- 
>> Simon Phipps
>> +1 415 683 7660 : www.webmink.com
> 


Mime
View raw message