Re: Closed list

[Marc Deslauriers <marc.deslauriers () canonical com>]

On Mon, 2011-04-04 at 10:51 +0200, Marcus Meissner wrote:
> On Mon, Apr 04, 2011 at 09:42:37AM +0100, Mark J Cox wrote:
> > > I've subscribed Mark.  So we have two representatives for Red Hat (Mark
> > > and Josh).
> >
> > Limiting a distro to two or three representatives is going to make things 
> > tricky for Red Hat; we have a rather large dedicated security response 
> > team (as we publish over 300 advisories a year across 70 product/versions 
> > and have a number of folks dealing with 'incoming' issues spread, and my 
> > team is dispersed across 9 different countries).  If these representatives 
> > have been very active on v-s and oss-security is there a reason to limit?
>
> Similar for SUSE. We currently have 3 engineers rotating through the incident
> manager role (and myself).

Same for Ubuntu. Limiting membership to two representatives would mean a
lot of email from the list is going to be forwarded to the other members
of our security team. Although limiting membership may seem like a good
idea to contain leaks, having to forward email to non-members because of
an arbitrary limitation would surely defeat that goal.

Marc.

-- 
Marc Deslauriers
Ubuntu Security Engineer     | http://www.ubuntu.com/
Canonical Ltd.               | http://www.canonical.com/