[Openstack-security] Security Note (OSSN) Process
Nathan Kinder
nkinder at redhat.com
Sun Jan 19 03:38:24 UTC 2014
On 01/18/2014 09:16 AM, Clark, Robert Graham wrote:
> On Sat Jan 18 13:48:48 2014, Thierry Carrez wrote:
>> Bryan D. Payne wrote:
>>> A couple of thoughts...
>>>
>>> * I like the idea of storing these in git.
>>> * Perhaps including a date in the numbering of the OSSN is not needed?
>>> Could we just number them sequentially?
>>>
>>> OSSN-0001
>>> OSSN-0002
>>> etc.
>>>
>>> If we use git and number sequentially, then it would be easy to just
>>> grab the next number when writing a new OSSN. I also really like the
>>> idea of doing the reviews in gerrit rather than launchpad / email.
>>
>> +1, nice and simple, and sufficiently different from OSSA numbering so
>> that they do not get confused.
>>
>
> +1 I'm happy with all of the above
I'm happy with this approach as well. I'll update the process wiki page
with the numbering approach. Since we only have a handful of already
published OSSNs, I'm going to propose that we retroactively number the
existing OSSNs in the wiki publishing area based on the publishing date.
I will also look at moving to git/gerrit.
Thanks,
-NGK
>
> _______________________________________________
> Openstack-security mailing list
> Openstack-security at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
>
More information about the Openstack-security
mailing list