1 |
On Fri, Dec 2, 2016 at 12:51 AM, Michał Górny <mgorny@g.o> wrote: |
2 |
|
3 |
> On Fri, 02 Dec 2016 00:59:27 -0500 |
4 |
> "William L. Thomson Jr." <wlt-ml@××××××.com> wrote: |
5 |
> |
6 |
> > I have read this a few times now. I cannot see it being taken any other |
7 |
> way |
8 |
> > than written. Nothing states the problems shall remain hidden |
9 |
> indefinitely. |
10 |
> > |
11 |
> > Specifically mentioning BOTH security and developer relations. Meaning |
12 |
> neither |
13 |
> > receives special treatment over the other. Neither should be private, |
14 |
> unless |
15 |
> > requested to not publicize before a deadline. Implying by default it is |
16 |
> public |
17 |
> > including developer relations information. Developer bugs remain |
18 |
> visible, as |
19 |
> > are bugs filed to comrel. |
20 |
> |
21 |
> Did it ever occur to you that most people around here didn't ever |
22 |
> bother reading it that carefully? |
23 |
> |
24 |
> > The fact that it mentions developer relations information implies that |
25 |
> those |
26 |
> > problems should be open and not hidden. That developer relations is also |
27 |
> > handled via Bugzilla at least in part. That further links developer |
28 |
> relations |
29 |
> > problems to the social contract and not hiding problems there. |
30 |
> > |
31 |
> > If requests to publicize problems are denied. That seems like a clear |
32 |
> breach |
33 |
> > of the Social Contract. I would expect the Foundation to fulfill its |
34 |
> obligation |
35 |
> > to protect the community and enforce total adherence to the Gentoo Social |
36 |
> > Contract. |
37 |
> |
38 |
> It sounds like you have succeeded in finding a rule that proves your |
39 |
> point. Good job. Now, why do you presume that your application is |
40 |
> correct? |
41 |
> |
42 |
> Sure, that might have been the original intent. But that's not how |
43 |
> comrel has been operating for a long time. It's bad if people haven't |
44 |
> conformed to the contract but it could entirely have been an oversight. |
45 |
> |
46 |
> I see this as a kind of 'dead law'. And now you're trying to abuse it |
47 |
> to force your point of view, while entirely neglecting the other |
48 |
> possibility -- to update it to match the long standing status quo. |
49 |
> |
50 |
|
51 |
Are we sure that the status quo is in fact correct? |
52 |
|
53 |
I find it rather dubious, in my humble opinion, to have the "status quo" as |
54 |
the ultimate standard, in, well, any situation at all, not just gentoo. |
55 |
Stagnation is bad for any project. |
56 |
|
57 |
I would far rather compare the status quo to the ideal future, whatever |
58 |
that may be. Any deviation between the two could be construed as a defect. |
59 |
|
60 |
How this applies to this particular situation is left as an exercise for |
61 |
the reader. But generally, I don't think "status quo" is a reasonable |
62 |
standard in any situation. It only works well as a default in my opinion. |
63 |
|
64 |
That said, I don't mind publicizing comrel bugs -- if you get all |
65 |
> the parties to agree on it. If you file a comrel bug, you do so with |
66 |
> presumption that it will be kept classified. It's not fair to |
67 |
> unclassify it without getting the consent of both the accusing party |
68 |
> and the accused. |
69 |
> |
70 |
|
71 |
This is why I asked whose privacy in particular would be put in jeopardy by |
72 |
such revelations in general. |
73 |
|
74 |
-- |
75 |
> Best regards, |
76 |
> Michał Górny |
77 |
> <http://dev.gentoo.org/~mgorny/> |
78 |
> |