| Info | ||
|---|---|---|
| ||
These are draft proposals presented at the Denver 2010 Project Co-ordination meeting for discussion and community adoption. Please read these proposals in conjunction with the Security Policy. If you have feedback, please comment on this page or contact ~smarquard Former user (Deleted). Both the 2.x and 3.x working groups at the co-ordination meetings assented to the proposals listed here (as of 18 June 2010). |
...
- We aim to address all reported security issues within 7 calendar days (analyse, fix, merge, supply patches and communicate to security contacts).
- If the above is not possible, an initial security advisory will be issued to security contacts within 7 calendar days of a security issue being reported.
- A designated Sakai Security Officer will own the incident process from notification to final resolution (including sending out the initial advisory).
- There will be 4 designated Sakai Security Officers: 1 directly appointed by the Foundation, 3 from the community. The community roles will rotate after 6 or 12 months:
- Anthony Whyte (Foundation)
- To be volunteeredMegan May
- To be volunteered
- Stephen Marquard (6 months)
...