From: "Andrew Jeffery" <andrew@aj.id.au>
To: "Joseph Reynolds" <jrey@linux.ibm.com>, openbmc@lists.ozlabs.org
Subject: Re: Security Working Group - Wednesday May 12 - results
Date: Mon, 17 May 2021 08:45:55 +0930 [thread overview]
Message-ID: <464e2eba-c3bb-421f-b336-e50941ff5cd9@www.fastmail.com> (raw)
In-Reply-To: <9f59a396-7a97-71b1-8cba-210545b0b023@linux.ibm.com>
On Sat, 15 May 2021, at 04:32, Joseph Reynolds wrote:
> In general, it is hard to know who to contact.
I think it deserves some effort, no? Talking in abstractions doesn't
help as we're not discussing the abstract but specific patches, some of
which you've left a comment against.
Equivalently, saying "In general, it is hard to build secure systems"
and then not putting in any further effort as a consequence isn't
acceptable - we need to do the work; narrow the statement from the
abstract to the specific do our best to mitigate risks. That same
strategy of narrowing the abstract to the specific applies here.
Given you've already commented on one of the patches I don't think it's
a big leap to look at who the author is and include them on related
discussions in other mediums.
So anyway, I think this open source process works best if we recognise
that resolving issues requires bringing people together, and not
treating the work as some kind of abstract process. I feel like
broadcasting (1-to-many) the minutes here without including the people
impacted by the discussion creates a separation. Let's put the effort
in to bring the right people into discussions from the outset.
> Note
> that I am following up on this item privately through other channels.
Okay, hopefully I'm included on those discussions too.
> Finally, during the meeting, I encouraged attendees to make comments in
> the relevant gerrit review process.
Great! I hope we can capture the concrete concerns in the patch
comments and work to resolve them.
Andrew
prev parent reply other threads:[~2021-05-16 23:17 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-12 1:59 Security Working Group - Wednesday May 12 Joseph Reynolds
2021-05-12 18:18 ` Security Working Group - Wednesday May 12 - results Joseph Reynolds
2021-05-12 20:40 ` Patrick Williams
2021-05-14 18:26 ` Joseph Reynolds
2021-05-12 21:35 ` Michael Richardson
2021-05-14 18:50 ` Joseph Reynolds
2021-05-13 0:25 ` Andrew Jeffery
2021-05-14 19:02 ` Joseph Reynolds
2021-05-16 23:15 ` Andrew Jeffery [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=464e2eba-c3bb-421f-b336-e50941ff5cd9@www.fastmail.com \
--to=andrew@aj.id.au \
--cc=jrey@linux.ibm.com \
--cc=openbmc@lists.ozlabs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.