[openstack-dev] [ptl] [security][tc] Tidy up language in section 5 of the vulnerability:managed tag
Steven Dake (stdake)
stdake at cisco.com
Sun Apr 17 05:54:56 UTC 2016
On 4/12/16, 10:42 AM, "Jeremy Stanley" <fungi at yuggoth.org> wrote:
>On 2016-04-02 14:40:57 +0000 (+0000), Steven Dake (stdake) wrote:
>> IANAL and writing these things correctly is hard to do properly );
>> involving the community around the pain points of the tagging
>> process is what I'm after.
>Nobody on the VMT is a lawyer either, and when I wrote the original
>text I wanted to make sure it provided sufficient guidance on our
>expectations while still being inclusive and without needing a
>lawyer to interpret. As it stands, the VMT and TC still make the
>final call on whether an application is sufficiently convincing, so
>the point of the application criteria are to make sure projects know
>what sort of convincing we're looking for.
Agree - I recognize after trying my hand at writing just one part of the
complete VMT tag how difficult it is. I think you did a great job on the
It appears like we are both after the same outcome. I think the changes
in my review to section 5 are a good start, but with the cross project
session I proposed on scaling the OSSA/VMT, my proposal may need to change
as a result of the outcome of that cross project session.
More information about the OpenStack-dev