Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 17 Jun 2014 15:32:59 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: transparency on message moderation

On Sun, Jun 08, 2014 at 03:16:31PM -0400, Josh Bressers wrote:
> > general.  I also like to take this opportunity to thank Kurt Seifried,
> > Josh Bressers, and Vincent Danen for their help approving obviously
> > on-topic oss-security postings sometimes quicker than I do.
> 
> I can't take credit for this. I'm probably the worst list moderator ever.
> It would certainly make sense to have someone replace me as a moderator,
> probably not from Red Hat to help avoid any possible conspiracies.

Josh, I do recall you wanted to resign as a co-moderator a while ago,
and it makes sense for us to have a new co-moderator from neither
Openwall nor Red Hat, and preferably not from a for-profit Linux
company.  For example, someone from Debian or a *BSD could be OK, or
some active oss-security contributor who is not with any distro.

IIRC, a long while ago Henri Salo expressed an interest (in private
e-mail to me) in contributing to this sort of activities.  Henri, would
you like to help co-moderate oss-security - which currently means only
approving obviously-desirable messages, and leaving everything else to
me?  What are your current affiliations (e.g., any Linux distro)?

On Sun, Jun 08, 2014 at 07:27:11PM -0400, rea wrote:
> I have no stake in the game. If you need a hand just let me know.

Thanks rea, but as far as I can tell this is the very first time you
posted to oss-security.  While the task of approving obviously-desirable
messages quickly is simple enough that I think you'd manage well, I
think it's better for us to choose a co-moderator who has been actively
contributing to discussions on oss-security.

I've also received an offer off-list from someone who is with a
for-profit Linux-related company.  While I appreciate the offer greatly,
I think it's preferable for our new co-moderator to have no such
affiliation.  I'm confident this doesn't actually matter for how the
messages are processed (as long as I'm involved and I see the lack of
abusive delays), but I guess it might matter for the confidence of
others who don't have this sort of direct visibility into how message
moderation is done.

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.