initial agenda bits

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@24545 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 64 insertions, 0 deletions

diff --git a/org/agenda-2014.txt b/org/agenda-2014.txt
new file mode 100644
index 0000000000..56c2de5b41
--- /dev/null
+++ b/org/agenda-2014.txt
@@ -0,0 +1,64 @@
+
+Agenda for Security Team Meeting
+
+
+
+Workflow
+========
+
+- Opening up the security process further to allow maintainers of packages with
+  frequent issues to release updates themselves
+  - Updates need to be reviewed/acked by sec team members
+  - Requires changes to dak to no longer require access to security-master, e.g.
+    by using a mechanism similar to allowing a DM to upload and sendingk error 
+    messages to the signer of the upload (already requested by Thijs)
+  - Requires changes to debian-security-announce
+
+- Is dsa-needed an improvement? What shall we do with embargoed issues?
+
+- Ditch RT?
+
+- Draft new people, possible candidates
+
+Archive tools
+=============
+
+- Compile a list of issues we want to see fixed
+
+- Do we really need the embargo queue? This would simplify dak/FTP situations immensely.
+
+
+Tracker
+=======
+
+- Add a new status to differentiate between "no-dsa, if the maintainer wants 
+  to fix in a point update go ahead" and "no-dsa, was ignored because it's
+  possible to backport".
+
+- Automatic weekly status on open issues sent to maintainers (catches
+  issues which fell through the cracks, like CVE-2013-2236)
+
+- Check open bugs in the BTS, check bugs against security-tracker pseudo package
+
+- Migrate to git?
+
+Documentation
+=============
+
+- Work on proper documentation how people can contribute
+
+
+Others
+======
+
+- d-d-a mail for file collecting willing testers for exotic setups
+
+- Compile a list of test instructions for key packages
+
+
+LTS
+===
+
+- Setup and organisation
+
+- Gather a specific list of people interested in contributing (e.g. credative already stepped forward)
\ No newline at end of file