From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 689DE138334 for ; Tue, 4 Dec 2018 21:18:43 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2F82CE0D65; Tue, 4 Dec 2018 21:18:42 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D244DE0D64 for ; Tue, 4 Dec 2018 21:18:41 +0000 (UTC) Received: from localhost (pool-108-45-63-132.washdc.fios.verizon.net [108.45.63.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: bman) by smtp.gentoo.org (Postfix) with ESMTPSA id 6336C335CF4 for ; Tue, 4 Dec 2018 21:18:39 +0000 (UTC) Date: Tue, 4 Dec 2018 16:18:36 -0500 From: Aaron Bauman To: gentoo-project@lists.gentoo.org Subject: Re: [gentoo-project] Re: [gentoo-dev-announce] Call for agenda items - Council meeting 2018-12-09 Message-ID: <20181204211836.GM16376@monkey> References: <1543149110.17973.1.camel@gentoo.org> <2a393e89-3156-9666-de46-2faf2fd1f7e3@gentoo.org> <20181204001604.GK16376@monkey> <1543894892.810.5.camel@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Project discussion list X-BeenThere: gentoo-project@lists.gentoo.org Reply-To: gentoo-project@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="75WsOQSofUOhcSOp" Content-Disposition: inline In-Reply-To: <1543894892.810.5.camel@gentoo.org> User-Agent: Mutt/1.11.0 (2018-11-25) X-Archives-Salt: 30cf1fbd-1365-4181-a090-a6a71db649cc X-Archives-Hash: 04ab46b3db89c31cd029c6f7874bd258 --75WsOQSofUOhcSOp Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Dec 04, 2018 at 04:41:32AM +0100, Micha=C5=82 G=C3=B3rny wrote: > On Mon, 2018-12-03 at 19:16 -0500, Aaron Bauman wrote: > > > On 25.11.2018 15:31, Mart Raudsepp wrote: > > > > In two weeks from now, there will be a council meeting again. Now is > > > > the time to raise and prepare agenda items that you want us to disc= uss > > > > and/or vote upon. > > > >=20 > > > > Please respond to this message on the gentoo-project mailing list w= ith > > > > agenda items. > > > > The final agenda will be sent out on 2018-12-02, so please make sure > > > > you post any agenda items before that, or we may not be able to > > > > accommodate it into the next meeting. > > > >=20 > > > > The meeting itself will happen on 2018-12-09 19:00 UTC [1] in the > > > > #gentoo-council FreeNode IRC channel. > > > >=20 > > > >=20 > > > > 1. https://www.timeanddate.com/worldclock/fixedtime.html?iso=3D2018= 1209T19 > > > >=20 > > > >=20 > > > > Thanks, > > > > Mart Raudsepp > >=20 > > I would like to propose, once again, that the council vote on the > > following items: > >=20 > > 1. The council approves all architectures that are maintained as stable > > architectures. > > - e.g. alpha, amd64, arm, arm64, ia64, ppc, ppc64, and x86. > >=20 > > Conversely, the council also may remove/drop such architectures as > > needed (c.f. item 2). >=20 > What happens if Council votes 'no' to this item? Do all arches become > unstable? > Of course not, that would be silly. I suppose better wording would have been something like: "The council will begin approving the addition and removal of all architectures considered stable. Upon approval of this item, all current stable architectures will remain." > Don't introduce votes for confirming status quo because they make no > sense. If there's a specific change you're proposing, propose it > and be specific so that people can discuss it ahead of time. > Ugh... status quo? I am not sure how this is status quo... > > 2. The council approves that all stable architectures are subsequently > > determined to be security supported. Thus, an architecture may not be > > stable and *not* security supported. This disparity has implications in > > processes and timeliness of actions taken to mitigate vulnerabilities > > reported. > > - e.g. amd64 is approved as stable arch and thus is security supported. > > - e.g. arm is dropped as a stable arch thus is no longer security supp= orted. > >=20 > > Overall, both of these items will provide a much clearer understanding > > of how security is able to proceed with mitigating vulnerabilities in > > the tree, how users view and understand what architectures are stable > > and security supported, and allow the security team and maintainers a > > clearer/cleaner process to follow. > >=20 >=20 > Are you asking the Council to make a policy for security team, > or to override the existing policy of security team? Because this > sounds like you're implying that security team can't make up their mind. > Absolutely, but we have the GLEP draft in the open now. So, here we go. > Also, if the Council votes 'yes', what happens next? Does security > accept all stable arches? Do stable arches get demoted implicitly based > on security project considerations? > Yes, we would accept all stable arches as security supported.=20 No, security would simply petition the council should an arch need to be removed from stable. > --=20 > Best regards, > Micha=C5=82 G=C3=B3rny --=20 Cheers, Aaron --75WsOQSofUOhcSOp Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEEiDRK3jyVBE/RkymqpRQw84X1dt0FAlwG7ywACgkQpRQw84X1 dt1/6wf/ZUf+S+TxSWMrlHskgOP1NaRtaRma7cfHQscppIAHIkCXjOGEo9PWQU+j QJUdJT2N9noABgTLgWFRkovWyhPIjKZ4HF5t9Q/BgQySZgfmsKXiqC+pD/8sp9xg S9vjkRDMlWh/GxOpBqod+pnot2DY1fh9rhMMg7yqhkOMdOUyHuW9uLJYfFb3lyU1 +MbH0sw45kLkCr7SrhaC4irNEt6K8Yd5swce+GBT1BMApdPu3o7BL93hDUS5IdNX aTY8xr6Q4QoOhScvlcqAFgJBgYWdyUMHgLI0UEK0iPcjAsSdw12FhObiv+1KTVHB yJEqIGXiBQmRSSvXEVaz5h3y3/RwVg== =46CO -----END PGP SIGNATURE----- --75WsOQSofUOhcSOp--