openoffice-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <>
Subject Re: PMC report for October 2011
Date Wed, 12 Oct 2011 16:52:36 GMT
On Wed, Oct 12, 2011 at 12:39 PM, Dennis E. Hamilton
<> wrote:
> I confess that I am having trouble extracting concrete actionables from Ross's request.
 I need to reread the thread from the beginning.
> One thing, off-hand.  I believe the commitment is to support mutual security concerns
via security@ OO.o or any successor, not via some special arrangement with TDF security.  On
behalf of that, ooo-security@ has become an observer at security@ OO.o.  Having members on
security@ OO.o has not yet been established.  It is also proposed to stabilize custodianship
of security@ OO.o using Apache hosting.  That will require ensuring that treatment of all
participants on security@ shall be even-handed and professional, and demonstrating that Apache
can be counted on for that.
> If that is a matter that the Board might wish to be aware of, it might be said more succinctly.
> Also, I would recommend that, because the start-up of something so challenging as AOOo
is so daunting, and the fact that IP clearance work is ongoing, that the podling
be kept on monthly reporting for the quarterly reporting cycle the podling is now in.

To me that suggests we concentrate on the work that we need to do, and
not reports.  Can you name one useful thing that we've ever heard back
from the ASF Board based on any of our other reports?  Why would more
frequent reports help us?  Not that I'd object, if you're volunteering
to write them.

>  - Dennis
> -----Original Message-----
> From: Ross Gardler []
> Sent: Wednesday, October 12, 2011 06:05
> To:
> Subject: Re: PMC report for October 2011
> On 12 October 2011 13:51, Rob Weir <> wrote:
>> On Wed, Oct 12, 2011 at 6:34 AM, Ross Gardler
>> <> wrote:
>>> Before I sign off I'd like to see the report address external
>>> communications explicitly.
>>> The project has a real problem right now with asserting itself as the
>>> project and defining how it will interact with
>>> downstream projects. Is the community going to take ownership of this?
>>> It would be nice to see a statement from the PPMC making it explicit
>>> what they wish to tackle and, where possible, how. For example, after
>>> a flurry of discussion about improved security reporting processes and
>>> collaboration opportunities is the PPMC going to deliver or will this
>>> just die down and go away?
>> In that other long thread -- and it is understandable if you missed
>> this -- I said:
> I did see your statement, I'm hoping the PPMC will rally behind it in
> time to be able to put it something like it in the board report and
> make it official ;-)
> I didn't comment on your original proposal, as I don't have the time
> to monitor another mailing list (nor the skills in the case of
> security issues).  Others might be interested in helping, but they
> won't see it in that thread.
>> So I'm proposing that a couple Apache members step up to the plate on
>> this as well.  What do you say?
> If you feel this is important than flag it in the board report. Part
> of the purpose of the board report is to indicate what the foundation
> as a whole can do to help the project. It is true that your mentors
> are here to help realise that, and in this case the board will
> probably just assume the mentors are helping. However, when you are a
> top level project that will not be the case. Hence my suggestion that
> this might be appropriate for your report. It is a community issue
> that would benefit from the experience we can find at board level.
> Please note, however, that my request was not solely about security
> issues, it's also about management of press around the project and its
> trademarks. If you are not yet ready to make a statement about that
> then that's fine, but we probably want to think about it in the
> future.
> Ross

View raw message