Open Stack

On 2013-11-19 11:03:33 -0800 (-0800), Sriram Subramanian wrote:
> I also wanted to know if it is OK for someone to join these calls
> as observers (as a learning experience).

As Bryan already mentioned, the VMT attempts to minimize exposure of
embargoed vulnerability reports and bug fixes to the absolute
fewest number of people required to debate and fix them. This is by
design.

Also, we don't use phone calls for this sort of thing, as the
OpenStack project contributors tend to work very asynchronously from
a wide variety of timezones/schedules. The majority of the
discussion happens in private security bug comments on Launchpad at
the moment, with some occasional interaction via IRC private
messages (mostly to get the attention of subscribers we add to bugs
in case they don't notice the updates from LP). We may switch to
other tools to accomplish this over time, but I expect the general
workflow to remain more or less the same.
-- 
Jeremy Stanley