* Michael Banck ([EMAIL PROTECTED]) wrote: > You seem to be missing something: > > I'm not the least bit interested in running a testing-security > repository outside of Debian. Furthermore, I've neither the skill, nor the > time to contribute to something like this integrated to Debian. I've > merely pointed out that such a repository, maintained by a NM outside of > Debian, would not be *anywhere* near an acceptable solution, because of > the reasons I put forth in this thread.
It would be a start and I think that's what is needed. It needs to be
started by someone, and I contend *anyone* can start it, before it will
be possible to do it in full.
> You're saying: "You want security for testing? Do it yourself!"
> I'm saying: "Sure, people could do it for themselves, but how would that
> benefit Debian as a whole?"
Initially it would help only a few brave souls but were it kept up it
would slowly become trusted, along with those who ran it. Eventually I
see it becoming a part of Debian and being of benefit to those who
choose to run testing. Complaining without doing anything benefits no
one.
> > Ah, so, you don't have the time. That would be the reason testing
> > hasn't got security updates- not enough skilled people with the time to
> > actually *do* it.
>
> Exactly.
So people need to be found who have the time and skills and are
interested. I had thought that you met such criteria based on your
verbosity on this list but I suppose that was a poor assumption on my
part.
> Like I said, if people like dark, Kamion, vorlon, etc would go forth and
> started a testing-security initiative, I'd be thrilled by this. If
> <you-know-who> or somebody unknown to the project would come along,
> people would say: "So what?" and go away.
I contend that they don't need to start it, anyone can start it if they
have the time, interest and skills. If the above had the time and
inclination I expect they would have started it already.
What I hate hearing are claims that something can't be done because
someone isn't a DD. It shows, in my view, a lack of true motivation to
do the work and becomes just an excuse to use to avoid doing the work
while retaining the feeling of rightousness to bitch about it.
> > I don't believe Debian should ever do it piecemeal or partially. If
> > it's going to be done then it needs to be done completely and we must
> > have enough people to do it before we announce that we will.
>
> Exactly.
Outside of Debian it could be started piecemeal until it's attracted
enough people to be able to do it for all of testing.
> Aha. And what exactly buys you being a DD in this regard? That's the
> implementation detail I was talking about earlier. You said
> repositories would be easier setup if one was a DD, if I'm not
> completely mistaken?
They're already set up if you're a DD, you just upload to the official
Debian repository.
Stephen
pgpVzICszBraZ.pgp
Description: PGP signature
