lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 08 Oct 2007 11:24:45 -0600
From:	Jonathan Corbet <corbet@....net>
To:	linux-kernel@...r.kernel.org
Subject: RFC: reviewer's statement of oversight

Last month, at the kernel summit, there was discussion of putting a
Reviewed-by: tag onto patches to document the oversight they had
received on their way into the mainline.  That tag has made an
occasional appearance since then, but there has not yet been a
discussion of what it really means.  So it has not yet brought a whole
lot of value to the process.

As I was trying to sleep last night, it occurred to me that what we
might need is an equivalent of the DCO for the Reviewed-by tag.  To that
end, I dedicated a few minutes of my life to the following bit of text.
It's really just meant to be a starting point for the discussion.  Is
the following something close to what we understand Reviewed-by to mean? 

jon


Reviewer's statement of oversight v0.01

By offering my Reviewed-by: tag, I state that:

 (a) I have carried out a technical review of this patch to evaluate its
     appropriateness and readiness for inclusion into the mainline kernel. 

 (b) Any problems, concerns, or questions relating to the patch have been
     communicated back to the submitter.  I am satisfied with how the
     submitter has responded to my comments.

 (c) While there may (or may not) be things which could be improved with
     this submission, I believe that it is, at this time, (1) a
     worthwhile addition to the kernel, and (2) free of serious known
     issues which would argue against its inclusion.

 (d) While I have reviewed the patch and believe it to be sound, I can not
     (unless explicitly stated elsewhere) make any warranties or guarantees
     that it will achieve its stated purpose or function properly in any
     given situation.

 (e) I understand and agree that this project and the contribution are
     public and that a record of the contribution (including my Reviewed-by
     tag and any associated public communications) is maintained
     indefinitely and may be redistributed consistent with this project or
     the open source license(s) involved.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ