From dev-return-2779-archive-asf-public=cust-asf.ponee.io@singa.incubator.apache.org Wed Apr 24 13:02:13 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id B0C4E180668 for ; Wed, 24 Apr 2019 15:02:12 +0200 (CEST) Received: (qmail 12456 invoked by uid 500); 24 Apr 2019 13:02:12 -0000 Mailing-List: contact dev-help@singa.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@singa.incubator.apache.org Delivered-To: mailing list dev@singa.incubator.apache.org Received: (qmail 12438 invoked by uid 99); 24 Apr 2019 13:02:12 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Apr 2019 13:02:12 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 5E1AAC0289 for ; Wed, 24 Apr 2019 13:02:06 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -108.001 X-Spam-Level: X-Spam-Status: No, score=-108.001 tagged_above=-999 required=6.31 tests=[ENV_AND_HDR_SPF_MATCH=-0.5, SPF_PASS=-0.001, USER_IN_DEF_SPF_WL=-7.5, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id rn1N24YyO-ig for ; Wed, 24 Apr 2019 13:02:05 +0000 (UTC) Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with SMTP id 7420660D3E for ; Wed, 24 Apr 2019 13:02:04 +0000 (UTC) Received: (qmail 11034 invoked by uid 99); 24 Apr 2019 13:02:01 -0000 Received: from mailrelay1-us-west.apache.org (HELO mailrelay1-us-west.apache.org) (209.188.14.139) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 24 Apr 2019 13:02:01 +0000 Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 97146E2AD1 for ; Wed, 24 Apr 2019 13:02:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 31DFA25812 for ; Wed, 24 Apr 2019 13:02:00 +0000 (UTC) Date: Wed, 24 Apr 2019 13:02:00 +0000 (UTC) From: "ASF subversion and git services (JIRA)" To: dev@singa.incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (SINGA-417) Adding security channel MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/SINGA-417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16825124#comment-16825124 ] ASF subversion and git services commented on SINGA-417: ------------------------------------------------------- Commit 1858046 from Moaz Reyad in branch 'site/trunk' [ https://svn.apache.org/r1858046 ] SINGA-417 Adding Security Channel > Adding security channel > ----------------------- > > Key: SINGA-417 > URL: https://issues.apache.org/jira/browse/SINGA-417 > Project: Singa > Issue Type: New Feature > Components: Documentation > Reporter: Moaz Reyad > Priority: Blocker > > According to the [Apache Project Maturity Model|https://community.apache.org/apache-way/apache-project-maturity-model.html]: > ??QU30: The project provides a well-documented, secure and private channel to report security issues, along with a documented way of responding to them.?? > ??Apache projects can just point to [http://www.apache.org/security/] or use their own security contacts page, which should also point to that.?? > This issue can be solved simply by adding a link to Apache Security page to SINGA website. > However, I would also suggest to : > # create a sub team in SINGA (even starting with one person) for security > # ask for an email security@singa.apache for project security contacts > # create a new page for security in SINGA website > # add SINGA security team (page and email) to [ASF Project Security Information page|https://www.apache.org/security/projects.html] > Machine learning systems like SINGA may work with sensitive data (e.g. medical data, finance, etc.) and SINGA provides distributed training where data and models can be shared in a network. If SINGA security team provides details to ensure the best security practices, this can be an important feature to show in SINGA now or in a future release. -- This message was sent by Atlassian JIRA (v7.6.3#76005)