On Mon, Mar 10, 2008 at 04:13:43PM -0400, Filipus Klutiero wrote: > Le March 10, 2008 02:56:15 pm Luk Claes, vous avez ?crit?: > > Filipus Klutiero wrote: > > > Hi, > > > I reported #468765 about a questionable statement on www.debian.org. > > > Frank Lichtenheld wants this to be discussed. > > > > > > This statement is in a security announcement. Martin Schulze confirmed > > > that he wrote the statement. Does the security team think that oldstable > > > security support duration is something to be proud of? > > > > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=468765 > > > > Why would anyone question if a security support of at *least* 2,5 years > > by volunteers not be something to be proud of? > The sentence does not talk about volunteers. Even if it did, I wouldn't be > less proud of my contributions to Debian if I was paid for them. And from the > readers POV, I don't appreciate Debian more because developers are mostly > volunteers. > > I already compared the duration of oldstable support in the bug report, but > let's look at the total security support duration of each release of other > free distros if you want. Let's take these 3 which are not too far from > Debian's quality: > RHEL and derivatives: 7 years > openSUSE: 2 years > Ubuntu: a bit more complex. > 1.5 in general > LTS releases: 3 on desktop, 5 on server > > Debian is somewhat better than openSUSE, equal or slightly worst than Ubuntu > and definitely worst than RHEL and derivatives. So on average, Debian is > somewhat worst than its main alternatives in this aspect.
How about in # of packages we support? Does that bump us up at all in your pissing contest? There are many characteristics of security support (breadth, turnaround, stability, etc) - and different characteristics appeal to different users. We don't have to be proud that our N isn't as long as someone else's N, but we can certainly be proud to have honored the commitment we made to our users. Using # of years of support as a measurement of "goodness" is as silly as using # of advisories as a measurement of an OS's "secureness". -- dann frazier -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
