[openstack-dev] [security] [salt] Removal of Security and OpenStackSalt project teams from the Big Tent
Jeremy Stanley
fungi at yuggoth.org
Wed Sep 21 21:35:39 UTC 2016
On 2016-09-21 10:18:58 -0700 (-0700), Morgan Fainberg wrote:
[...]
> For what it is worth the VMT had some discussion about this and in the case
> the security team was/is dissolved/moved to a WG we will take some action
> and make some proposals to handle the situation so we have a nice place to
> continue within the community. One idea that was floated would be to become
> our own small (release team sized) team.
Well, just to be clear, if the current team providing a home to the
VMT became unofficial, I doubt the VMT itself would operate any
differently than today. It's a (necessarily) small group of people
with existing cross-project ties to other official teams in
OpenStack. The authority it has comes from involvement of its
members throughout the community the function they perform, not from
any sort of official mandate.
That said, I appreciate and applaud the efforts of the Security Team
and believe that the VMT's choice to align itself with them has
provided a beneficial relationship. The Security Team provides
valuable operations/deployment-specific insight into embargoed
issues where the VMT often struggles to appropriately gauge impact
severity and scope, they have been very helpfully documenting
reported shortcomings in OpenStack which require special care and
attention from downstream consumers, and they're working on ways to
evaluate OpenStack software to make it easier for the VMT to support
through both automated exploration and more conceptual risk
documentation.
> However, if security is continuing to exist, I am content to stay where we
> are (I cannot speak to the views of Fungi, Tristan, and Grant though).
Yes, I concur. When I saw that the Security Team lacked a PTL
nominee, I did not nominate myself primarily because I don't
regularly attend its weekly meetings nor participate in development
of any of its outputs beyond what intersects with VMT needs (though
also I'm not confident I could wear two PTL hats effectively, unlike
some superhumans in our community).
--
Jeremy Stanley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: Digital signature
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160921/d414a760/attachment.pgp>
More information about the OpenStack-dev
mailing list