[Openstack-security] OSSG election electorate -- all pitches together

Clark, Robert Graham robert.clark at hp.com
Tue Mar 18 13:05:25 UTC 2014 

> -----Original Message-----
> From: Kurt Seifried [mailto:kseifried at redhat.com]
> Sent: 18 March 2014 08:13
> Cc: openstack-security at lists.openstack.org
> Subject: Re: [Openstack-security] OSSG election electorate -- all

> Are we allowed to ask candidates questions? My main one would be: is
the
> time and effort for you to work with OpenStack being officially
sanctioned
> by your employer, and if so to what degree. E.g. are you doing this on
your
> own time, are you being 100% paid/committed to working with OpenStack,
> or something in between?
> 
> The reason I ask is due to sustainability.
> 
> I get that people are passionate about this (otherwise they wouldn't
have
> stepped up), and qualified (otherwise they wouldn't even be here), but
the
> time and effort is a serious aspect. And example of this is the
roughly 2 year
> period where I was something like 1/3 of all OSS-Security mailing
traffic due
> to handling CVE's (over 1000 a year). The only reason I could pull
this off
> was because it was part of my job at Red Hat (I was given both time
and
> resources to do it), there is no way I would have been able to sustain
that
> commitment on my own time).
> 
> So basically will the candidates have enough time/resources to do this
> properly, not just today or tomorrow or next week, but 6 months from
> now? Thanks.

This is a very good point, in fact it's the reason that my announcement
for candidacy was delayed for a couple of days - I was working with the
leadership in my organisation to get agreement on the time and resources
I'll have available to engage with the OSSG. Until now Bryan and I have
shared the load, having a single person leading requires lots more time,
I wanted to get firm commitments from my team before I proposed myself
for candidacy.

I'm happy that I have a good appreciation of the amount of time the OSSG
requires in order to grow beyond where it is today and I'm more than
satisfied with the support I've received from my organisation in terms
of resource, headcount etc. 

-Rob 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6187 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140318/5c1ad27b/attachment.bin>

More information about the Openstack-security mailing list