[netrek-dev] code-management <-> key-management

Fri Mar 21 18:35:42 CDT 2008

On Thu, Mar 20, 2008 at 05:50:58PM +0100, Rado S wrote:
> =- James Cameron wrote on Thu 20.Mar'08 at 13:13:33 +1100 -=
> 
> > > > > Could you handle key-management (i.e. client approval) with
> > > > > the same efficiency, since it's basically about code
> > > > > control, given how well you're organized for code review?
> > > > 
> > > > No. It isn't about code control alone, the job would also
> > > > require running clients on various operating systems. I'm just
> > > > not set up for that.
> > > 
> > > Uh, why other platforms?
> > > Isn't it enough to see the "core" is OK and once it passed ask
> > > for others with access to required platforms to help out?
>                                                     ^^^^^^^^
> > To do it right would need both code review, and checking that the
> > binary was built from the code, e.g. by building it again, and
> > then running it.
> 
> What about a trusted community, supporter, servant?

We have that already.

The client developer has the community's full trust.  But the process
they go through lacks transparency and is impossible to verify unless
there is build process documentation.  It is impractical to verify
without build capability.

Our key list manager also has the community's full trust.  The process
they go through to approve a key is more transparent and verifiable.

You're asking whether what I suggested ("To do it right") could be done
by a trusted community, or a supporter, or a servant.  Certainly, yes.

> Can't you trust anyone else besides you?

Yes.

But whom I trust is not at issue here.  It is who you trust that is at
issue.

> Why do you have to do all "the dirty work" by yourself?

Because nobody else does.  I value highly the contributions by client
developers, the five active server developers, the key list manager, and
the web site content developers.  Some of these are areas I have failed
in; such as client development, and web site content development.

Permit my philosophy ... sometimes I take up the baton to do a task, and
do it so badly that someone else comes in to do it better.  I think I do
server development management quite badly (compared to dishwashing), yet
there are no volunteers to take over the role.  I conclude I must be
adequate at it.

Rado, I'm finding your method of encouragement offensive, unwelcome,
idiotic, and incompetent.  I strongly suggest you get personal advice
from someone you trust who can speak the international english we use
here.  Even better if that someone understand the ethics of open source
projects.

Alternative, if you wish to self-improve and learn how to engage this
developer community efficiently, read the book _The Hacker Ethic and the
Spirit of the Information Age_ by the Finnish philosopher Professor
Pekka Himanen.  Perhaps you can find it in a library or a bookshop.
Please your native language version.

-- 
James Cameron    mailto:quozl at us.netrek.org     http://quozl.netrek.org/