Re: Debian Membership

2009-03-21 Thread Charles Plessy
Le Sat, Mar 21, 2009 at 02:27:55PM +, Matthew Johnson a écrit : > > So far I don't think I've seen anyone objecting to the overall approach > though, which is good. I think it allows us to start discussing more > specific implementation details. Dear Matthew, there are so many discussions th

Re: Debian Membership

2009-03-21 Thread Matthew Johnson
On Mon Mar 16 13:30, Goswin von Brederlow wrote: > There are different kinds of packages in debian that require different > skills: > > - binary packages, data packages > - simple library packages > - mixed binary/library/data packages > > Also there is a big difference between the NEW packages a

Re: Debian Membership

2009-03-17 Thread Moritz Muehlenhoff
["Followup-To:" header set to gmane.linux.debian.devel.new-maintainer.] On 2009-03-14, Thomas Viehmann wrote: > Hi, > > if you allow me to share a thought here even though I am not a developer > and as such do not have any say in this. > > Matthew Johnson wrote: >> My goals with changing the membe

Re: Debian Membership

2009-03-16 Thread Goswin von Brederlow
"Giacomo A. Catenazzi" writes: > Matthew Johnson wrote: >> My goals with changing the membership procedures are: >> >> - To turn NM into a more evolutionary process where some privileges and >>rights are granted earlier in the process and the qualifications for >> the >>late

Re: Debian Membership

2009-03-16 Thread Giacomo A. Catenazzi
Matthew Johnson wrote: My goals with changing the membership procedures are: - To turn NM into a more evolutionary process where some privileges and rights are granted earlier in the process and the qualifications for the later parts are based mainly on the work done

Re: Debian Membership

2009-03-14 Thread Russ Allbery
Matthew Johnson writes: > On Sat Mar 14 12:46, Russ Allbery wrote: >> We can certainly expand the definition of technical work that qualifies >> for political voting membership and not focus it solely on packaging, >> but I think we're doing reasonably well with the basic assumption that >> the p

Re: Debian Membership

2009-03-14 Thread Ben Finney
Russ Allbery writes: > Matthew Johnson writes: > > > - To decouple of technical and political positions in the membership > > For what it's worth, I disagree with this goal, assuming that I > understand what you mean by it. I think that such a decoupling would > be a significant change in how

Re: Debian Membership

2009-03-14 Thread Matthew Johnson
On Sat Mar 14 19:11, Thomas Viehmann wrote: > if you allow me to share a thought here even though I am not a developer > and as such do not have any say in this. I certainly welcome thoughts from people involved in the project. > While the aims you list themself may be laudable to achieve > impro

Re: Debian Membership

2009-03-14 Thread Matthew Johnson
On Sat Mar 14 12:46, Russ Allbery wrote: > > - To decouple of technical and political positions in the membership > > We can certainly expand the definition of technical work that qualifies > for political voting membership and not focus it solely on packaging, but > I think we're doing reasonably

Re: Debian Membership

2009-03-14 Thread Matthew Johnson
On Sat Mar 14 17:24, Enrico Zini wrote: > However, we have had and do have several uncontroversially outstanding > and very active people in need of an account, and they should be kicked > *in*, and fast. As an AM I've seen a few, and inflicting a long NM > process on them is a waste: their skil

Re: Debian Membership

2009-03-14 Thread Florian Weimer
* Micah Anderson: > There are some companies that have had their 'bottom-line' demonstrably > impacted in significant ways by open source and have undertaken various > dubious mechanisms to destabilize and discredit open-source. Microsoft > actually acknowledged to the SEC[0] in its required filin

Re: Debian Membership

2009-03-14 Thread Russ Allbery
Bernd Zeimetz writes: > Micah Anderson wrote: >> All of this is just fun wingnut ramblings, but I think serves to >> illustrate that the artificial barrier imposed by the arduous NM >> process is not that significant of a difficulty for getting inside >> Debian and we cannot use this as mechanism

Re: Debian Membership

2009-03-14 Thread Russ Allbery
Matthew Johnson writes: > My goals with changing the membership procedures are: [...] > - To decouple of technical and political positions in the membership For what it's worth, I disagree with this goal, assuming that I understand what you mean by it. I think that such a decoupling would be

Re: Debian Membership

2009-03-14 Thread Lucas Nussbaum
On 14/03/09 at 19:11 +0100, Thomas Viehmann wrote: > Hi, > > if you allow me to share a thought here even though I am not a developer > and as such do not have any say in this. > > Matthew Johnson wrote: > > My goals with changing the membership procedures are: > [... snip ...] > > While the aim

Re: Debian Membership

2009-03-14 Thread Thomas Viehmann
Hi, if you allow me to share a thought here even though I am not a developer and as such do not have any say in this. Matthew Johnson wrote: > My goals with changing the membership procedures are: [... snip ...] While the aims you list themself may be laudable to achieve improvements, your *goal

Re: Debian Membership

2009-03-14 Thread Bernd Zeimetz
Micah Anderson wrote: > All of this is just fun wingnut ramblings, but I think serves to > illustrate that the artificial barrier imposed by the arduous NM process > is not that significant of a difficulty for getting inside Debian and we > cannot use this as mechanism for making Debian "secure".

Re: Debian Membership

2009-03-14 Thread Frans Pop
On Saturday 14 March 2009, Enrico Zini wrote: > Yes, and there are cheaper ways than getting the black hat to become a > full DD: with a thousand of DDs we have a thousand possibly vulnerable > points of entry. Frankly, if anyone wanted to attack Debian, they'd > have to be remarkably silly to pla

Re: Debian Membership

2009-03-14 Thread Enrico Zini
On Sat, Mar 14, 2009 at 04:25:21PM +0100, Frans Pop wrote: > On Saturday 14 March 2009, Micah Anderson wrote: > > All of this is just fun wingnut ramblings, but I think serves to > > illustrate that the artificial barrier imposed by the arduous NM > > process is not that significant of a difficulty

Re: Debian Membership

2009-03-14 Thread Frans Pop
On Saturday 14 March 2009, Micah Anderson wrote: > All of this is just fun wingnut ramblings, but I think serves to > illustrate that the artificial barrier imposed by the arduous NM > process is not that significant of a difficulty for getting inside > Debian and we cannot use this as mechanism fo

Re: Debian Membership

2009-03-14 Thread Micah Anderson
* Frans Pop [2009-03-14 09:25-0400]: > On Saturday 14 March 2009, Leo 'costela' Antunes wrote: > > IMHO that's a false notion of "security through laziness" :). > > Black hats are lazy too. They go after easy targets for maximum profit. > Getting into Debian currently takes a certain amount of de

Re: Debian Membership

2009-03-14 Thread Leo 'costela' Antunes
[still not subscribed to -newmaint, just keeping the cross-post] Frans Pop wrote: > On Saturday 14 March 2009, Leo 'costela' Antunes wrote: >> IMHO that's a false notion of "security through laziness" :). > > Black hats are lazy too. They go after easy targets for maximum profit. > Getting into D

Re: Debian Membership

2009-03-14 Thread Frans Pop
On Saturday 14 March 2009, Leo 'costela' Antunes wrote: > IMHO that's a false notion of "security through laziness" :). Black hats are lazy too. They go after easy targets for maximum profit. Getting into Debian currently takes a certain amount of demonstrated dedication to the project through ac

Re: Debian Membership

2009-03-14 Thread Leo 'costela' Antunes
[I'm only subscribed to -project, but keeping the cross-post] Frans Pop wrote: > The effort needed to go through the NM procedure also has an IMO import > security aspect: it's quite unlikely that a "black hat" would be willing > to make that effort to get in a position where (s)he could introdu

Re: Debian Membership

2009-03-14 Thread Frans Pop
On Saturday 14 March 2009, Matthew Johnson wrote: > Being part of the project, particularly with upload rights, is > something I believe _should_ be difficult. This restriction on access > to the archive is one of our strengths, it gives us a higher quality of > packaging (yes, there are exceptions