Hi, On Thu, Apr 12, 2012 at 8:37 PM, William A. Rowe Jr. <wr...@rowe-clan.net> wrote: >> - at least the IPMC chair should be involved, if not the whole IPMC > > That can be remedied today. Jukka, if you like, please join the ASF > wide security team, at minimum as an observer.
Thanks, but I'd rather not have to worry about securing my inbox against hackers looking for zero-day exploits. :-/ Personally I'm fine with after-the-fact oversight like now with the OpenOffice report. I think we can trust the security team and other involved people to make decisions without active interference or real-time observation. If it turns out that in retrospect some things could have been handled better, we can handle that with feedback from threads like this one. If there are cases where more active oversight or feedback is desired (for example if there's a hint that a broader range of projects is affected by an issue, or there's some complex licensing issue regarding a newly incubated project), I'd rather have the security team explicitly reach out and ask for more involvement from us in specific cases. BR, Jukka Zitting --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
