lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZzNppQIQm6O6lnfW@finisterre.sirena.org.uk>
Date: Tue, 12 Nov 2024 14:43:49 +0000
From: Mark Brown <broonie@...nel.org>
To: Shuah Khan <skhan@...uxfoundation.org>
Cc: gregkh@...uxfoundation.org, corbet@....net, workflows@...r.kernel.org,
	linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Miguel Ojeda <ojeda@...nel.org>,
	Dave Hansen <dave.hansen@...ux.intel.com>,
	Steven Rostedt <rostedt@...dmis.org>,
	Dan Williams <dan.j.williams@...el.com>,
	Dave Airlie <airlied@...il.com>,
	DRI Development <dri-devel@...ts.freedesktop.org>
Subject: Re: [PATCH] Documentation/CoC: spell out enforcement for
 unacceptable behaviors

On Mon, Nov 11, 2024 at 02:50:45PM -0700, Shuah Khan wrote:
> On 11/11/24 13:07, Simona Vetter wrote:

> > Personal take, but I think a forced public apology as the primary or at
> > least initial coc enforcement approach is one of the worst.

...

> This document isn't intended to be a complete summary of all actions the
> CoC takes in response to reports. There is a lot of back and forth with
> the individuals to bring about change before the CoC asks for an apology.

I guess it would be good to explicitly call out (possibly in an
incremental change on top of this one) that the specific enforcement
steps here are examples, and are mainly for cases where a more
mediation/education based approach fails or extreme cases where they're
inappropriate?  Neither the existing document nor the current change
make that explicit (at least to my reading), it's clear from for example
the reports that are sent that the existing practice is to try to use
those approaches first but I'm not sure that people would realise that
from this document alone.

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ