Features Download
From: Paul W. Frields <stickster <at> gmail.com>
Subject: Fedora Board Recap 2009-03-24
Newsgroups: gmane.linux.redhat.fedora.advisory-board
Date: Tuesday 24th March 2009 22:10:16 UTC (over 9 years ago)

== Roll Call ==

* Board Members: Paul Frields, Seth Vidal, Chris Aillon, Chris Tyler,
  Jesse Keating, Matt Domsch, Bill Nottingham, Harald Hoyer, Dimitris
  Glezos, Spot Callaway

* Secretary: Paul Frields (filling in for John Poelstra, sadly missed)

== Involvement of the Board in Future Security Incidents ==
* Topic proposed by Dimitris Glezos (2009-02-03)
* Should the board be notified in the instance of future events?
* Several noted that Mike McGrath is working on security policy as part of
the CSI (Community Services Infrastructure) documentation, and security
policy, including incident reporting, is part of that set of docs
* pfrields: Mike was unavailable because of prior conflicts but we can
invite him to next available call
* glezos: response in this matter continues to affect our community image
** How do we deal with this next time?  What needs to change? Answering
these questions ''clearly'' is of key importance
* notting: As said, 'security policy, including incident reporting, is part
of that set of docs' - "how we deal with this" is the goal of the document.
* glezos: The way we dealt with the incident affected and affects Fedora's
** This is somewhat of a crisis management issue
** discuss with Mike:
*** servers co-located with RH in PHX -- have policy in place that
addresses them
*** servers outside any RH-owned colo -- have Fedora (& Board) be most
*** strategy for increasing server location on which Fedora (& Board) can
be most accountable
* notting:  fundamental conflict with budget - we're unlikely to get tens
of terabytes of storage in multiple GEOs randomly donated
* pfrields: timeline for community expectations
* glezos: basis to expand services to other places, i.e. move away from
* mdomsch: PHX and other colo's provide a high degree of service that are
hard to get elsewhere
* skvidal: Because RHEL is downstream of Fedora, if we have reason to
believe there's risk to Fedora, Red Hat is a natural stakeholder
* spot: No reason we couldn't give Red Hat a timeline for our announcements
* glezos: Can we at least ensure Board has a seat at the table in any
decision making?
* spot: If we go beyond the borders of Fedora, the situation generally
demands NDAs
* Invite Mike McGrath on list and at 2009-04-14 meeting, to discuss his
thoughts, status of an incident reporting policy, and target completion
date for written policy
* Once ready, have Mike present the policy to Board for discussion

== Contributions from Embargoed Nations ==
* Topic proposed by Paul Frields
* Paul and Spot are consulting with Red Hat legal and discussions continue
* Long discussion about speculations on what exactly the law requires and
how it ties our hands in many ways (all Board members contributed)
* Ongoing discussions on what is allowed to be used from upstream servers,
and how Fedora cannot police upstream projects
* Translations a good example of universal, non-code bits
* Overall, Board continues to desire a fair policy for all potential
* Spot and Paul to report back with more information as it becomes

== What is Fedora ==
* Continuing discussion centered around the ''Four Foundations''
** https://fedoraproject.org/wiki/Foundations
* Are there values currently reflected in Fedora that are not captured by
the ''Four Foundations''?
** Request that the board offers feedback on the wiki pages by 2009-03-22
* Planned progression is:
*# Mission Statement (done)
*# Core Values (done)
*# Vision Statements (in progress)
* Core values have been agreed upon in [[Foundations]] page
** mdomsch: comment on discussion page, edit in as appropriate
* pfrields: Next, take ideas from [[Objectives]], combine and/or flesh them
out as needed, to provide rationale for decision making by Board
** This will help community members in cases where the Board has to take a
position of supporting certain initiatives
* mdomsch, pfrields: Basic rule: contributors should ''always'' be
empowered to try new things, even if they don't fall under the Fedora
* Paul to start ball rolling with email that takes a bite-sized chunk of
page, suggests changes, and sets deadline.
* Board members to respond with discussion. 
Paul W. Frields                                http://paul.frields.org/
  gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233  5906 ACDB C937 BD11 3717
  http://redhat.com/   -  -  -  -   http://pfrields.fedorapeople.org/
  irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug
CD: 15ms