From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 6D68B138334 for ; Tue, 4 Dec 2018 03:41:41 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id F2F3EE0ADF; Tue, 4 Dec 2018 03:41:39 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 99B45E0ADD for ; Tue, 4 Dec 2018 03:41:39 +0000 (UTC) Received: from pomiot (d202-252.icpnet.pl [109.173.202.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: mgorny) by smtp.gentoo.org (Postfix) with ESMTPSA id BA333335C8C; Tue, 4 Dec 2018 03:41:36 +0000 (UTC) Message-ID: <1543894892.810.5.camel@gentoo.org> Subject: Re: [gentoo-project] Re: [gentoo-dev-announce] Call for agenda items - Council meeting 2018-12-09 From: =?UTF-8?Q?Micha=C5=82_G=C3=B3rny?= To: gentoo-project@lists.gentoo.org Date: Tue, 04 Dec 2018 04:41:32 +0100 In-Reply-To: <20181204001604.GK16376@monkey> References: <1543149110.17973.1.camel@gentoo.org> <2a393e89-3156-9666-de46-2faf2fd1f7e3@gentoo.org> <20181204001604.GK16376@monkey> Organization: Gentoo Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-XUMnylhKuFyDm0iDQ/4J" X-Mailer: Evolution 3.26.6 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Project discussion list X-BeenThere: gentoo-project@lists.gentoo.org Reply-To: gentoo-project@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply Mime-Version: 1.0 X-Archives-Salt: 962b45fd-e23c-4586-a9df-cceacddde1bf X-Archives-Hash: b5cbaca1e70a8bd26a106087fc2ab2c4 --=-XUMnylhKuFyDm0iDQ/4J Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, 2018-12-03 at 19:16 -0500, Aaron Bauman wrote: > > On 25.11.2018 15:31, Mart Raudsepp wrote: > > > In two weeks from now, there will be a council meeting again. Now is > > > the time to raise and prepare agenda items that you want us to discus= s > > > and/or vote upon. > > >=20 > > > Please respond to this message on the gentoo-project mailing list wit= h > > > agenda items. > > > The final agenda will be sent out on 2018-12-02, so please make sure > > > you post any agenda items before that, or we may not be able to > > > accommodate it into the next meeting. > > >=20 > > > The meeting itself will happen on 2018-12-09 19:00 UTC [1] in the > > > #gentoo-council FreeNode IRC channel. > > >=20 > > >=20 > > > 1. https://www.timeanddate.com/worldclock/fixedtime.html?iso=3D201812= 09T19 > > >=20 > > >=20 > > > Thanks, > > > Mart Raudsepp >=20 > I would like to propose, once again, that the council vote on the > following items: >=20 > 1. The council approves all architectures that are maintained as stable > architectures. > - e.g. alpha, amd64, arm, arm64, ia64, ppc, ppc64, and x86. >=20 > Conversely, the council also may remove/drop such architectures as > needed (c.f. item 2). What happens if Council votes 'no' to this item? Do all arches become unstable? Don't introduce votes for confirming status quo because they make no sense. If there's a specific change you're proposing, propose it and be specific so that people can discuss it ahead of time. > 2. The council approves that all stable architectures are subsequently > determined to be security supported. Thus, an architecture may not be > stable and *not* security supported. This disparity has implications in > processes and timeliness of actions taken to mitigate vulnerabilities > reported. > - e.g. amd64 is approved as stable arch and thus is security supported. > - e.g. arm is dropped as a stable arch thus is no longer security suppor= ted. >=20 > Overall, both of these items will provide a much clearer understanding > of how security is able to proceed with mitigating vulnerabilities in > the tree, how users view and understand what architectures are stable > and security supported, and allow the security team and maintainers a > clearer/cleaner process to follow. >=20 Are you asking the Council to make a policy for security team, or to override the existing policy of security team? Because this sounds like you're implying that security team can't make up their mind. Also, if the Council votes 'yes', what happens next? Does security accept all stable arches? Do stable arches get demoted implicitly based on security project considerations? --=20 Best regards, Micha=C5=82 G=C3=B3rny --=-XUMnylhKuFyDm0iDQ/4J Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iQKTBAABCgB9FiEEXr8g+Zb7PCLMb8pAur8dX/jIEQoFAlwF921fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDVF QkYyMEY5OTZGQjNDMjJDQzZGQ0E0MEJBQkYxRDVGRjhDODExMEEACgkQur8dX/jI EQpESRAA5K4fXpMvM5SYwszoCp1rWd0J/Z9XiWr7ArSoUZ2XsxdS0qM++0WNezK4 gPd4mHbJ0C5d6ivDPhneThiFI25wvAKv/hjv1HUc08Qfxy0rIlVEjLsEgI/Bz0kN KTY4hg/drZkQhlWp0VXy0KGRlmwmLfUHtCO/pI4jG/S5F2/66aEVysopB1GruKo0 QDJJFx9s8WCv2H1Sb/IGDdAgNB/FQNRzObZtd3pal1SOO5o78SYm3ovpifDqjAVA ttg5sz39x1rHVSb+/Db3jBvN4reDlH7DbwFzRr+Qr1yH+M1tAv4AvwUgugtKOeCq JS8cyphw2UUTYQrECCCmdRD/T4Oqf1sFw2NhQalLaNBHm0cntNrN+pNfXhdrmW33 KmdwTg6pGebi55oa7FpZUFCf/+veEb9CdVl0RKCO4sB5wS3crSuGi+IujbmpTYC9 iuwWTBbJtsJSs8FcKSJRHRqJ/yZwI3m9VRb/0eDJD0iAjVLIHRRjxXOHAzEiOpjK I6XNINSgZXhNvBXT326oVcPkZMcRFhfFPnLBl7Vw6deXgns/Xe+3FLaC3UqEtjqr F4pGtzav6LwaqVDbLFb4PZLWwPiOAu0OSWmho8xQJiKYxUFrovn7TZZ5W8B/s+Lf uv//yrdSk9CWabuOyyU5RbsODZA6G5dl51r5ZwvR+Ckf4HZUcM8= =eL1Z -----END PGP SIGNATURE----- --=-XUMnylhKuFyDm0iDQ/4J--