You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by Berin Lautenbach <be...@ozemail.com.au> on 2003/01/17 09:48:43 UTC

[Fwd: Re: xml.apache.org refactoring #1]

  Christian et al in security-dev,

Any thoughts?  I'd be interested in helping out with both the PMC side 
and Security side if we are going to head down the road of 
incorporating/adding a C++ version.

Cheers,
    Berin

-------- Original Message --------
Subject: Re: xml.apache.org refactoring #1
Date: Thu, 16 Jan 2003 22:19:51 +0100 (CET)
From: Dirk-Willem van Gulik <di...@webweaving.org>
To: rpc-dev@xml.apache.org
CC: general@xml.apache.org, <pm...@xml.apache.org>, 
<xe...@xml.apache.org>, <xe...@xml.apache.org>, 
<xe...@xml.apache.org>, <xa...@xml.apache.org>, 
<co...@xml.apache.org>, <fo...@xml.apache.org>, 
<fo...@xml.apache.org>, <xa...@xml.apache.org>, 
<so...@xml.apache.org>, <ba...@xml.apache.org>, 
<se...@xml.apache.org>, <xi...@xml.apache.org>, 
<ax...@xml.apache.org>, <cr...@xml.apache.org>, ASF Board 
<bo...@apache.org>

On Thu, 16 Jan 2003, Ted Leung wrote:

> We ask each subproject to nominate 1 (or 2) people from that project to
> be a part of the XML PMC.  From my experience, I think that it will be
> better to have 2 people rather than one in order to share workload, etc.

Another task we need nominees for (or will let default to these people) is
that of security contact for each the respective projects.

What this implies is that you will act as a filter and coordinator to deal
with the often time criticial, and not always entirely public, process of
analysing a vulnerability; confirming it and working the likes of CERT to
prepare an advisory. Calling in your peers when neccesary.

Should you have any questions about this role; Ben Laurie (ben@apache.org)
leads the ASF wide security coordination effort.

Dw

Re: [Fwd: Re: xml.apache.org refactoring #1]

Posted by Berin Lautenbach <be...@ozemail.com.au>.

Given the e-mail from Ted....  Just in case you hadn't had enough of voting!

blautenb: +1

Christian Geuer-Pollmann wrote:

>Hi Berin,
>
>thanks for that offer. Yes, support from a second person would be fine. So
>if we go down the road, myself (Christian) for the Java Version and you
>(Berin) for the C++ version are good contacts as security contacts for
>security-dev, and I guess the same would make sense for the PMC stuff. 
>
>So here's my 
>+1
>
>Christian
>
>--On Freitag, 17. Januar 2003 19:48 +1100 Berin Lautenbach
><be...@ozemail.com.au> wrote:
>
>  
>
>>  Christian et al in security-dev,
>>
>>Any thoughts?  I'd be interested in helping out with both the PMC side
>>and Security side if we are going to head down the road of
>>incorporating/adding a C++ version.
>>
>>Cheers,
>>    Berin
>>
>>-------- Original Message --------
>>Subject: Re: xml.apache.org refactoring #1
>>Date: Thu, 16 Jan 2003 22:19:51 +0100 (CET)
>>From: Dirk-Willem van Gulik <di...@webweaving.org>
>>To: rpc-dev@xml.apache.org
>>CC: general@xml.apache.org, <pm...@xml.apache.org>,
>><xe...@xml.apache.org>, <xe...@xml.apache.org>,
>><xe...@xml.apache.org>, <xa...@xml.apache.org>,
>><co...@xml.apache.org>, <fo...@xml.apache.org>,
>><fo...@xml.apache.org>, <xa...@xml.apache.org>,
>><so...@xml.apache.org>, <ba...@xml.apache.org>,
>><se...@xml.apache.org>, <xi...@xml.apache.org>,
>><ax...@xml.apache.org>, <cr...@xml.apache.org>, ASF Board
>><bo...@apache.org>
>>
>>
>>
>>On Thu, 16 Jan 2003, Ted Leung wrote:
>>
>>    
>>
>>>We ask each subproject to nominate 1 (or 2) people from that project to
>>>be a part of the XML PMC.  From my experience, I think that it will be
>>>better to have 2 people rather than one in order to share workload, etc.
>>>      
>>>
>>Another task we need nominees for (or will let default to these people) is
>>that of security contact for each the respective projects.
>>
>>What this implies is that you will act as a filter and coordinator to deal
>>with the often time criticial, and not always entirely public, process of
>>analysing a vulnerability; confirming it and working the likes of CERT to
>>prepare an advisory. Calling in your peers when neccesary.
>>
>>Should you have any questions about this role; Ben Laurie (ben@apache.org)
>>leads the ASF wide security coordination effort.
>>
>>Dw
>>
>>
>>
>>
>>    
>>
>
>
>
>  
>

Re: [Fwd: Re: xml.apache.org refactoring #1]

Posted by Christian Geuer-Pollmann <ge...@nue.et-inf.uni-siegen.de>.

Hi Berin,

thanks for that offer. Yes, support from a second person would be fine. So
if we go down the road, myself (Christian) for the Java Version and you
(Berin) for the C++ version are good contacts as security contacts for
security-dev, and I guess the same would make sense for the PMC stuff. 

So here's my 
+1

Christian

--On Freitag, 17. Januar 2003 19:48 +1100 Berin Lautenbach
<be...@ozemail.com.au> wrote:

>   Christian et al in security-dev,
> 
> Any thoughts?  I'd be interested in helping out with both the PMC side
> and Security side if we are going to head down the road of
> incorporating/adding a C++ version.
> 
> Cheers,
>     Berin
> 
> -------- Original Message --------
> Subject: Re: xml.apache.org refactoring #1
> Date: Thu, 16 Jan 2003 22:19:51 +0100 (CET)
> From: Dirk-Willem van Gulik <di...@webweaving.org>
> To: rpc-dev@xml.apache.org
> CC: general@xml.apache.org, <pm...@xml.apache.org>,
> <xe...@xml.apache.org>, <xe...@xml.apache.org>,
> <xe...@xml.apache.org>, <xa...@xml.apache.org>,
> <co...@xml.apache.org>, <fo...@xml.apache.org>,
> <fo...@xml.apache.org>, <xa...@xml.apache.org>,
> <so...@xml.apache.org>, <ba...@xml.apache.org>,
> <se...@xml.apache.org>, <xi...@xml.apache.org>,
> <ax...@xml.apache.org>, <cr...@xml.apache.org>, ASF Board
> <bo...@apache.org>
> 
> 
> 
> On Thu, 16 Jan 2003, Ted Leung wrote:
> 
>> We ask each subproject to nominate 1 (or 2) people from that project to
>> be a part of the XML PMC.  From my experience, I think that it will be
>> better to have 2 people rather than one in order to share workload, etc.
> 
> Another task we need nominees for (or will let default to these people) is
> that of security contact for each the respective projects.
> 
> What this implies is that you will act as a filter and coordinator to deal
> with the often time criticial, and not always entirely public, process of
> analysing a vulnerability; confirming it and working the likes of CERT to
> prepare an advisory. Calling in your peers when neccesary.
> 
> Should you have any questions about this role; Ben Laurie (ben@apache.org)
> leads the ASF wide security coordination effort.
> 
> Dw
> 
> 
> 
>