[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [RFC PATCH] Make Security Policy Doc ready to become a CNA

Ian,

can we agree on a final URL for the generated docs (the ones generated from SUPPORT.md). That would enable me to send out a new series

Lars

 

From: Lars Kurth <lars.kurth.xen@xxxxxxxxx>
Date: Wednesday, 21 March 2018 at 09:18
To: George Dunlap <George.Dunlap@xxxxxxxxxx>
Cc: Lars Kurth <lars.kurth@xxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "committers@xxxxxxxxxxxxxx" <committers@xxxxxxxxxxxxxx>, "security@xxxxxxxxxxxxxx" <security@xxxxxxxxxxxxxx>
Subject: Re: [RFC PATCH] Make Security Policy Doc ready to become a CNA

 

 



On 20 Mar 2018, at 17:38, George Dunlap <george.dunlap@xxxxxxxxxx> wrote:

 

On 03/19/2018 04:37 PM, Lars Kurth wrote:

And this time with patch: note to myself - never try sendmail with --compose again (-;

This patch contains a proposal to change https://xenproject.org/security-policy.html 
such that it points to SUPPORT.md. Having scope and process information is necessary
to become a CNA. This is the last piece, before formally asking to become a CNA.

To make the review of this easier, I based it on xenbits:/larsk/governance.git
(contains the pandoc as published today and the html)

Regards
Lars
---
[PATCH] Make Security Policy Doc ready to become a CNA

To become a CNA, we need to more clearly specifiy the scope of
security support. This change updates the document and points
to SUPPORT.md and pages generated from SUPPORT.md

Expected changes:
- Resend once the URL that is currently open has been agreed
 with Ian Jackson

Signed-off-by: Lars Kurth <lars.kurth@xxxxxxxxxx>
---
security-policy.pandoc | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/security-policy.pandoc b/security-policy.pandoc
index 5783183..22e274b 100644
--- a/security-policy.pandoc
+++ b/security-policy.pandoc
@@ -19,6 +19,14 @@ Scope of this process

This process primarily covers the [Xen Hypervisor
Project](index.php?option=com_content&view=article&id=82:xen-hypervisor&catid=80:developers&Itemid=484).
+Specific information about features with security support can be found in
+
+1.  [SUPPORT.md](http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=SUPPORT.md)
+    in the releases' tar ball and its xen.git tree and on
+    [web pages generated from the SUPPORT.md file](add URL)


Not sure we should include the direct (ugly) link.  Other than that
looks OK to me.

 

No strong opinion either way. There is no real harm in having it and it's just a link on the final document

Lars

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.