On 15/03/10 23:03, Xavier Chantry wrote: > On Mon, Mar 15, 2010 at 11:42 PM, Magnus Therning <magnus@xxxxxxxxxxxx> wrote: [..] >>> 2) resume and finish the gpg work for pacman & friends >> >> Sure, that is worth doing. Is it really a task for a dedicated security team? >> It sounds more like a one-time thing for a group of developers. >> > > This is also true.. more or less. It does not matter how the people doing > the work are called. > There is no one writing code, no one giving technical advices, no one > testing. There are only users asking for signed packages. I'd argue it *is* important what you call them. In one case one would ask for some developer(s) to dedicate some time during a limited period, while in the other one is asking for on-going commitment. I think it's *crucial* to position the proposal correctly. Getting a feature implemented in pacman is likely to be easier than getting a group of people to sign up for a task that never ends. Though I'm not saying either will be easy. /M -- Magnus Therning (OpenPGP: 0xAB4DFBA4) magnus@therning.org Jabber: magnus@therning.org http://therning.org/magnus identi.ca|twitter: magthe
Attachment:
signature.asc
Description: OpenPGP digital signature
