| 1 |
On Fri, Dec 2, 2016 at 12:51 AM, Michał Górny <mgorny@g.o> wrote: |
| 2 |
|
| 3 |
> On Fri, 02 Dec 2016 00:59:27 -0500 |
| 4 |
> "William L. Thomson Jr." <wlt-ml@××××××.com> wrote: |
| 5 |
> |
| 6 |
> > I have read this a few times now. I cannot see it being taken any other |
| 7 |
> way |
| 8 |
> > than written. Nothing states the problems shall remain hidden |
| 9 |
> indefinitely. |
| 10 |
> > |
| 11 |
> > Specifically mentioning BOTH security and developer relations. Meaning |
| 12 |
> neither |
| 13 |
> > receives special treatment over the other. Neither should be private, |
| 14 |
> unless |
| 15 |
> > requested to not publicize before a deadline. Implying by default it is |
| 16 |
> public |
| 17 |
> > including developer relations information. Developer bugs remain |
| 18 |
> visible, as |
| 19 |
> > are bugs filed to comrel. |
| 20 |
> |
| 21 |
> Did it ever occur to you that most people around here didn't ever |
| 22 |
> bother reading it that carefully? |
| 23 |
> |
| 24 |
> > The fact that it mentions developer relations information implies that |
| 25 |
> those |
| 26 |
> > problems should be open and not hidden. That developer relations is also |
| 27 |
> > handled via Bugzilla at least in part. That further links developer |
| 28 |
> relations |
| 29 |
> > problems to the social contract and not hiding problems there. |
| 30 |
> > |
| 31 |
> > If requests to publicize problems are denied. That seems like a clear |
| 32 |
> breach |
| 33 |
> > of the Social Contract. I would expect the Foundation to fulfill its |
| 34 |
> obligation |
| 35 |
> > to protect the community and enforce total adherence to the Gentoo Social |
| 36 |
> > Contract. |
| 37 |
> |
| 38 |
> It sounds like you have succeeded in finding a rule that proves your |
| 39 |
> point. Good job. Now, why do you presume that your application is |
| 40 |
> correct? |
| 41 |
> |
| 42 |
> Sure, that might have been the original intent. But that's not how |
| 43 |
> comrel has been operating for a long time. It's bad if people haven't |
| 44 |
> conformed to the contract but it could entirely have been an oversight. |
| 45 |
> |
| 46 |
> I see this as a kind of 'dead law'. And now you're trying to abuse it |
| 47 |
> to force your point of view, while entirely neglecting the other |
| 48 |
> possibility -- to update it to match the long standing status quo. |
| 49 |
> |
| 50 |
|
| 51 |
Are we sure that the status quo is in fact correct? |
| 52 |
|
| 53 |
I find it rather dubious, in my humble opinion, to have the "status quo" as |
| 54 |
the ultimate standard, in, well, any situation at all, not just gentoo. |
| 55 |
Stagnation is bad for any project. |
| 56 |
|
| 57 |
I would far rather compare the status quo to the ideal future, whatever |
| 58 |
that may be. Any deviation between the two could be construed as a defect. |
| 59 |
|
| 60 |
How this applies to this particular situation is left as an exercise for |
| 61 |
the reader. But generally, I don't think "status quo" is a reasonable |
| 62 |
standard in any situation. It only works well as a default in my opinion. |
| 63 |
|
| 64 |
That said, I don't mind publicizing comrel bugs -- if you get all |
| 65 |
> the parties to agree on it. If you file a comrel bug, you do so with |
| 66 |
> presumption that it will be kept classified. It's not fair to |
| 67 |
> unclassify it without getting the consent of both the accusing party |
| 68 |
> and the accused. |
| 69 |
> |
| 70 |
|
| 71 |
This is why I asked whose privacy in particular would be put in jeopardy by |
| 72 |
such revelations in general. |
| 73 |
|
| 74 |
-- |
| 75 |
> Best regards, |
| 76 |
> Michał Górny |
| 77 |
> <http://dev.gentoo.org/~mgorny/> |
| 78 |
> |
Archives