[Python-Dev] security SIG?
Ethan Furman
ethan at stoneleaf.us
Sun Jun 19 15:54:47 EDT 2016
More information about the Python-Dev mailing list
Sun Jun 19 15:54:47 EDT 2016
- Previous message (by thread): [Python-Dev] security SIG?
- Next message (by thread): [Python-Dev] security SIG?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 06/19/2016 12:39 PM, Nick Coghlan wrote: > On 18 June 2016 at 10:36, Ethan Furman wrote: >> To sum up: I think it would be a good idea. > > I'm coming around to this point of view as well. import-sig, for > example, is a very low traffic SIG, but I think it serves three key > useful purposes: > > - it clearly indicates that import is a specialist topic with > additional considerations to take into account that may not be obvious > to developers touching the import system for the first time > - it provides a forum to collaboratively craft explanations of > proposed changes that should make sense to folks that *aren't* > specialists > - anyone that wants to become an "import system expert" can join the > SIG and learn from the intermittent discussions of proposed changes [...] > As far as names go, my vote would be for "paranoia-sig" - it nicely > avoids any risk of folks submitting security bugs there instead of to > the PSRT, and "We're professionally paranoid, so you don't need to be" > is an apt description of good security sensitive API design in a > general purpose language like Python :) Heh. I like it. If no one comes up with any other names I'll get the SIG requested mid-week-ish. -- ~Ethan~
- Previous message (by thread): [Python-Dev] security SIG?
- Next message (by thread): [Python-Dev] security SIG?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list