From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-54662-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 1DDEA138010
	for <garchives@archives.gentoo.org>; Wed, 12 Sep 2012 18:43:21 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 60FBBE0534;
	Wed, 12 Sep 2012 18:43:12 +0000 (UTC)
Received: from mail-bk0-f53.google.com (mail-bk0-f53.google.com [209.85.214.53])
	by pigeon.gentoo.org (Postfix) with ESMTP id 3FC9321C036
	for <gentoo-dev@lists.gentoo.org>; Wed, 12 Sep 2012 18:42:15 +0000 (UTC)
Received: by bkwj4 with SMTP id j4so91015bkw.40
        for <gentoo-dev@lists.gentoo.org>; Wed, 12 Sep 2012 11:42:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:date
         :x-google-sender-auth:message-id:subject:from:to:content-type;
        bh=HbH7LRNVD5DGkR9oX+imSQzjd08tM4JyI1TFvW4+GjM=;
        b=P73ipSa5dqJVYDc7N0T6QCOkSNMnPfGfgsCmO7QqaOC+lsewtbiagikSUBRSGAyq/W
         zVADmE4GPwmCzq6rQi+7TOQsvt8ZCsXTyjXeCHk4xyQYsaylLG1KDWlZNywfyHUqp/z1
         jZsxevXeVFRBkQXOd66pGp1ook+GK150fPU/9pZ6Z80y1E2RVWYGkWbn7RYVn45rE8TT
         TSg3UddbBqEptba4TK8dgrDed/Je+G4Kev+n6tvx2nfsq/mzuiUL+x/HMspdB+tWki0u
         r3lwGi7nJ8rbmYSK8NeRnp1DcewD3jq2Cu5lkLy4y6zaPUuAl4Kj3PXxRplBlCOU+Y4C
         Q4yw==
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.204.152.13 with SMTP id e13mr3395875bkw.10.1347475335234; Wed,
 12 Sep 2012 11:42:15 -0700 (PDT)
Sender: freemanrich@gmail.com
Received: by 10.205.65.136 with HTTP; Wed, 12 Sep 2012 11:42:15 -0700 (PDT)
In-Reply-To: <20120912202932.1fc1adbb@marga.jer-c2.orkz.net>
References: <1347472741.2365.5.camel@belkin4>
	<20120912202932.1fc1adbb@marga.jer-c2.orkz.net>
Date: Wed, 12 Sep 2012 14:42:15 -0400
X-Google-Sender-Auth: Sp6twbUEag_AOIjBg2igIosjDPk
Message-ID: <CAGfcS_kGskftZZpTa88ekn2Q=HOBeeDzdGBqq6=srXN_LsmWSg@mail.gmail.com>
Subject: Re: [gentoo-dev] About changing security policy to unCC maintainers
 when their are not needed
From: Rich Freeman <rich0@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Content-Type: text/plain; charset=ISO-8859-1
X-Archives-Salt: bf215a63-4047-4b9b-8471-a3683818edf2
X-Archives-Hash: 5092370d13f5894abe5d1dbccb2d5c76

On Wed, Sep 12, 2012 at 2:29 PM, Jeroen Roovers <jer@gentoo.org> wrote:
>
> So you would want to be re-CC'd when it is time to remove the vulnerable
> versions, I guess.

Isn't this done shortly after keywording is complete?  I think the
concern is more about issuing GLSAs/etc, which apparently can happen
months or years after the vulnerable versions were removed judging by
recent chromium@ mail.

> You can un-CC yourself. I don't see why security@ should be doing the
> legwork.

I see no issue with that.

Rich