oss-sec mailing list archives
Re: CFPs and con invitations on the list
From: Josh Bressers <bressers () redhat com>
Date: Thu, 25 Mar 2010 10:24:45 -0400 (EDT)
----- "Solar Designer" <solar () openwall com> wrote:
Hi Josh, Thank you for speaking up. On Mon, Mar 15, 2010 at 09:52:22AM -0400, Josh Bressers wrote:----- "Solar Designer" <solar () openwall com> wrote:That said, I won't be approving any further "multi-conference" stuff, but I've just approved a HITB announcement... BTW, Hafez Kamal has been a subscriber to oss-security for a while.I agree with this decision. I don't see such announcements adding any value here, and probably just increase the noise level.I find the above confusing. First you say that you agree with my decision to be selective about the announcements (reject some, approve some others), then you state that "such announcements" (all of them?) don't add any value in your opinion. Please clarify.
Sorry, I misread your comment. I was under the impression you were suggesting after this point, we don't approve any more conference postings.
Unless someone has a compelling argument FOR letting these though,So far, I only got a few "I don't mind to receive these" responses (off-list). I don't think these count as "compelling arguments", yet I am also not very comfortable about rejecting messages that some people are sending and others don't mind receiving.
If folks don't mind getting these, and there aren't too many, I won't complain.
I think this is an acceptable policy.Please define the policy first.
This is from when I was under the impression it's "no more conference announcements".
I think that it's not great to just do nothing about these postings - neither approve nor reject them, letting them get bounced to the senders with an automated message stating that "the list moderators for the oss-security list have failed to act on your post." It is best to either approve or explicitly reject messages, providing an explanation to the sender.
I'll keep this in mind. Historically I just ignore moderation requests I feel don't belong (although I also have been very busy lately and not paying attention to the moderation queue, this is mostly over now, so I'll keep an eye on things).
As you have noticed, I've approved two additional HITB postings recently - one about the videos (somewhat valuable), the other a correction (of little value). I think the videos posting was in fact desirable, and it felt illogical to reject these after having approved the Agenda posting.
That seemed reasonable to me.
Now we have the following in the moderation queue: Date: Thu, 25 Mar 2010 00:13:06 +0100 From: Jonathan Brossard <endrazine () gmail com> To: bugtraq () securityfocus com, full-disclosure () lists grok org uk, darklab () lists darklab org, droit-net () cru fr, focus-apple () securityfocus com, focus-linux () securityfocus com, focus-ids () securityfocus com, framework () spool metasploit com, misc () openbsd-france org, oss-security () lists openwall com, owasp-all () lists owasp org, tmplab () lists tmplab org, webappsec () securityfocus com, websecurity () webappsec org, Organization team for Hackito Ergo Sum 2010 <hes2010-orga () lists hackitoergosum org>, Hackito Ergo Sum 2010 - Call For Paper address <hes2010-cfp () lists hackitoergosum org> Subject: Hackito Ergo Sum Conference (Paris 8-10 April 2010) : Schedule Some of the talk topics they're announcing are quite curious and relevant, in my opinion. Jonathan Brossard has been on the oss-security list for some months.
I think those headers bring up a good point. This is comparable to the old days of cross posting to lots of gropus on usenet (for you young folks, it was frowned upon). Perhaps we encourage messages DIRECTED at oss-security, rather than shotgun announcements.
I guess you don't want this approved - at least, you're not doing that. If so, I'd appreciate it if you help us define a policy and explicitly reject this posting according to that. Or should we approve it? Or do you want us to not get distracted to this topic, continuing to ignore it (as being of little relevance to the purpose of oss-security)?
I think given our current lack of policy, we should probably approve such messages, as I don't want to make the content based on if I'm grumpy or annoyed at someone on a given day :) So this list has a defined audience, the security minded citizens of Open Source. I could see a couple possible announcement policies (not just for conferences, this could apply for lots of stuff) 1) Approve them all. (we already have full-disclosure, we don't really need another) 2) Approve only things obviously tailored for the list. (this is a bit snobbish I admit) 3) Approve only things geared at Open Source. (I sort of like this one, but the line is REALLY fuzzy) 4) Approve posts from list memebers who've been on the list for > 1 month. (I suspect this is the best solution) Perhaps something that falls backward through that list, stopping at #2. If a post meets any of the conditions in #2, #3, or #4, it's in. Thanks. -- JB
Current thread:
- [cansecwest] Advanced PHP Hacking Laurent OUDOT at TEHTRI-Security (Mar 03)
- CFPs and con invitations on the list (was: [cansecwest] Advanced PHP Hacking) Solar Designer (Mar 03)
- Re: CFPs and con invitations on the list Solar Designer (Mar 12)
- Re: CFPs and con invitations on the list Jon Oberheide (Mar 12)
- Re: CFPs and con invitations on the list Solar Designer (Mar 14)
- Re: CFPs and con invitations on the list Josh Bressers (Mar 15)
- Re: CFPs and con invitations on the list Solar Designer (Mar 24)
- Re: CFPs and con invitations on the list Josh Bressers (Mar 25)
- Re: CFPs and con invitations on the list Matthias Andree (Mar 25)
- Re: CFPs and con invitations on the list Jonathan Brossard (Mar 25)
- Re: CFPs and con invitations on the list Solar Designer (Mar 12)
- CFPs and con invitations on the list (was: [cansecwest] Advanced PHP Hacking) Solar Designer (Mar 03)