On 4/12/2012 4:30 AM, Ross Gardler wrote: > > That being said I will again summarise what I believe the IPMC can > take away from this: > > - all mentors should be included in the process, not a subset
That's on the mentors of a given project to decide. I can see where this could be a hardship and some mentor would be perfectly happy to have their fellow mentors address security issues. But they all should be invited to participate, perhaps? However, if there are 8 mentors, that's 5 too many unless they actively are coding and testing the fixed code. > - at least the IPMC chair should be involved, if not the whole IPMC That can be remedied today. Jukka, if you like, please join the ASF wide security team, at minimum as an observer. I suggest this for two reasons, the obvious one of seeing all security related traffic that arises from any incubating project, but as importantly, perhaps you will recognize that an incident at a TLP bears some direct impact or hints at a possibility similar defect at an incubating project. We already do this, but as IPMC chair, your eyes would be most helpful. --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
