Re: [qubes-users] Security announcement mailing list? [and others]
69 views
Skip to first unread message
Franz
Oct 21, 2016, 6:47:47 PM10/21/16
to jkitt, qubes-users
On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
a security reports and updates ML with very few threads started only by developers (this is intended to be subscribed by everybody)
a security discussion ML with threads started by everyone
a hardware ML with all issues related to HCL PCI devices, special cases
a getting started ML for new users needing help to understand the system
a ordinary issues ML this is for backup restore, upgrades, DVM etc.
Shouldn't a security focused distro make security announcement in a more direct and urgent way? I was surprised to find that Qubes only had a 'users' and 'development' mailing list.
I agree, there was a project to create a forum, but was abandoned because developers prefer the ML mailing list. But even subscribing to the ML format I see a need to subdivide the content because there are so many email arriving that following everything is a burden. How can one pretend that a newcomer inbox is invaded by such a flow of emails. Most will opt-out.
Maybe I am wrong but I imagine that subdividing the flow in various streams there will be no drawback even if one wants to subscribe to all MLs
For example the qubes-users ML may be subdivided as follows:
a security reports and updates ML with very few threads started only by developers (this is intended to be subscribed by everybody)
a security discussion ML with threads started by everyone
a hardware ML with all issues related to HCL PCI devices, special cases
a getting started ML for new users needing help to understand the system
a ordinary issues ML this is for backup restore, upgrades, DVM etc.
a special issues ML this is for new ideas, servers, Whonix, Arch-Linux etc
That is something similar to what a forum would do, but in the ML format, to try to keep some order in a matter that is getting too rich for most people to follow properly.
Best
Fran
--
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscribe@googlegroups.com.
To post to this group, send email to qubes...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6ca183be-e33f-4dbd-a001-651f7ec08a78%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
raah...@gmail.com
Oct 21, 2016, 11:08:32 PM10/21/16
to qubes-users, jazzki...@gmail.com
On Friday, October 21, 2016 at 6:47:47 PM UTC-4, Francesco wrote:
> On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
> Shouldn't a security focused distro make security announcement in a more direct and urgent way? I was surprised to find that Qubes only had a 'users' and 'development' mailing list.
>
>
>
>
>
>
> I agree, there was a project to create a forum, but was abandoned because developers prefer the ML mailing list. But even subscribing to the ML format I see a need to subdivide the content because there are so many email arriving that following everything is a burden. How can one pretend that a newcomer inbox is invaded by such a flow of emails. Most will opt-out.
>
>
> Maybe I am wrong but I imagine that subdividing the flow in various streams there will be no drawback even if one wants to subscribe to all MLs
>
>
> For example the qubes-users ML may be subdivided as follows:
>
>
> a security reports and updates ML with very few threads started only by developers (this is intended to be subscribed by everybody)
>
>
> a security discussion ML with threads started by everyone
>
>
> a hardware ML with all issues related to HCL PCI devices, special cases
>
>
> a getting started ML for new users needing help to understand the system
>
>
> a ordinary issues ML this is for backup restore, upgrades, DVM etc.
>
>
> a special issues ML this is for new ideas, servers, Whonix, Arch-Linux etc
>
>
> That is something similar to what a forum would do, but in the ML format, to try to keep some order in a matter that is getting too rich for most people to follow properly.
>
>
> Best
>
> Fran
> --
>
> You received this message because you are subscribed to the Google Groups "qubes-users" group.
>
> To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users...@googlegroups.com.
> On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
> Shouldn't a security focused distro make security announcement in a more direct and urgent way? I was surprised to find that Qubes only had a 'users' and 'development' mailing list.
>
>
>
>
>
>
> I agree, there was a project to create a forum, but was abandoned because developers prefer the ML mailing list. But even subscribing to the ML format I see a need to subdivide the content because there are so many email arriving that following everything is a burden. How can one pretend that a newcomer inbox is invaded by such a flow of emails. Most will opt-out.
>
>
> Maybe I am wrong but I imagine that subdividing the flow in various streams there will be no drawback even if one wants to subscribe to all MLs
>
>
> For example the qubes-users ML may be subdivided as follows:
>
>
> a security reports and updates ML with very few threads started only by developers (this is intended to be subscribed by everybody)
>
>
> a security discussion ML with threads started by everyone
>
>
> a hardware ML with all issues related to HCL PCI devices, special cases
>
>
> a getting started ML for new users needing help to understand the system
>
>
> a ordinary issues ML this is for backup restore, upgrades, DVM etc.
>
>
> a special issues ML this is for new ideas, servers, Whonix, Arch-Linux etc
>
>
> That is something similar to what a forum would do, but in the ML format, to try to keep some order in a matter that is getting too rich for most people to follow properly.
>
>
> Best
>
> Fran
> --
>
> You received this message because you are subscribed to the Google Groups "qubes-users" group.
>
>
> To post to this group, send email to qubes...@googlegroups.com.
>
> To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6ca183be-e33f-4dbd-a001-651f7ec08a78%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.
I use a google account to log in on groups.google.com it lets you know when something new has been posted to a new topic. or what you have unread and read.> To post to this group, send email to qubes...@googlegroups.com.
>
> To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6ca183be-e33f-4dbd-a001-651f7ec08a78%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.
Andrew David Wong
Oct 21, 2016, 11:50:33 PM10/21/16
to Franz, jkitt, qubes-users, Marek Marczykowski-Górecki
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 2016-10-21 15:47, Franz wrote:
> On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
>
>> Shouldn't a security focused distro make security announcement in a more
>> direct and urgent way? I was surprised to find that Qubes only had a
>> 'users' and 'development' mailing list.
>>
>>
Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
> I agree, there was a project to create a forum, but was abandoned because
> developers prefer the ML mailing list. But even subscribing to the ML
> format I see a need to subdivide the content because there are so many
> email arriving that following everything is a burden. How can one pretend
> that a newcomer inbox is invaded by such a flow of emails. Most will
> opt-out.
>
> Maybe I am wrong but I imagine that subdividing the flow in various streams
> there will be no drawback even if one wants to subscribe to all MLs
>
> For example the qubes-users ML may be subdivided as follows:
>
> a security reports and updates ML with very few threads started only by
> developers (this is intended to be subscribed by everybody)
>
> a security discussion ML with threads started by everyone
>
> a hardware ML with all issues related to HCL PCI devices, special cases
>
> a getting started ML for new users needing help to understand the system
>
> a ordinary issues ML this is for backup restore, upgrades, DVM etc.
>
> a special issues ML this is for new ideas, servers, Whonix, Arch-Linux etc
>
> That is something similar to what a forum would do, but in the ML format,
> to try to keep some order in a matter that is getting too rich for most
> people to follow properly.
>
> Best
> Fran
>
Some of the things you've described should be in qubes-devel, not qubes-users. Have a look at this page, which explains which types of messages should go to which list:
https://www.qubes-os.org/mailing-lists/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYCuH6AAoJENtN07w5UDAwVtUP/35nTaoTVIP7JvJYovxR2oMM
rkes69uf1jBFBS0KJFklE7eNmZ9JnT9AKuyVXpmOr3kAdMkuwwkCKkYzx3LzrO5W
hoLyDMWWDkbuTRjlf2ygvqcmpP14vnJH913B7hFpLnCSFajsMfeUorKXYukZsWVA
mc2RYkEYZlD+CjdV2Rq0/8BVPduoKZLbIa5KwJmxwe2Ja4+qLryOSB1GzKMQWwuh
c64F8NhOfh/6OT35schgSlu+wxvJycQqspdECLOw1E2re/gYKmSDpXdy1RgApzuX
Q5GUM6PNx9xvEYo7dukz3ko6ru/ueNcaAPokUmh2ZdXl1bHz8Gbxet1PCJzlX2kF
3LGX61fXRVdJ77/CvHnxn4EgQ16porycrfbs0AmT2SJz5xYZ7WaV7X6d/2T3B5Gq
NJ+vWUbv6g6SiHJ235XYoXH2ax4YIoBfMYNCmXBlUSm6GZucHqEaYBLqIV2WIWik
65noDR9iZw6OUVSjjNpMLtxGNJN9LQH+PkR297wBLeCEFYyziit9E/LvsMZAsYA6
SK3uuNh3K1TpJwOgZyUVbz70UBg893AnXwccRFQxYMnnMvEpjJxUyen1pkot3leU
BtCR64kmcfc8D1lSoOwi2GJPheuoNZ2rU+Q7BctMw+YkimjHK4DfJ8IHB+SlUmQt
5zDFf1rOJDgvFVSp70Tl
=zI6g
-----END PGP SIGNATURE-----
Hash: SHA512
On 2016-10-21 15:47, Franz wrote:
> On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
>
>> Shouldn't a security focused distro make security announcement in a more
>> direct and urgent way? I was surprised to find that Qubes only had a
>> 'users' and 'development' mailing list.
>>
>>
Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
> I agree, there was a project to create a forum, but was abandoned because
> developers prefer the ML mailing list. But even subscribing to the ML
> format I see a need to subdivide the content because there are so many
> email arriving that following everything is a burden. How can one pretend
> that a newcomer inbox is invaded by such a flow of emails. Most will
> opt-out.
>
> Maybe I am wrong but I imagine that subdividing the flow in various streams
> there will be no drawback even if one wants to subscribe to all MLs
>
> For example the qubes-users ML may be subdivided as follows:
>
> a security reports and updates ML with very few threads started only by
> developers (this is intended to be subscribed by everybody)
>
> a security discussion ML with threads started by everyone
>
> a hardware ML with all issues related to HCL PCI devices, special cases
>
> a getting started ML for new users needing help to understand the system
>
> a ordinary issues ML this is for backup restore, upgrades, DVM etc.
>
> a special issues ML this is for new ideas, servers, Whonix, Arch-Linux etc
>
> That is something similar to what a forum would do, but in the ML format,
> to try to keep some order in a matter that is getting too rich for most
> people to follow properly.
>
> Best
> Fran
>
https://www.qubes-os.org/mailing-lists/
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYCuH6AAoJENtN07w5UDAwVtUP/35nTaoTVIP7JvJYovxR2oMM
rkes69uf1jBFBS0KJFklE7eNmZ9JnT9AKuyVXpmOr3kAdMkuwwkCKkYzx3LzrO5W
hoLyDMWWDkbuTRjlf2ygvqcmpP14vnJH913B7hFpLnCSFajsMfeUorKXYukZsWVA
mc2RYkEYZlD+CjdV2Rq0/8BVPduoKZLbIa5KwJmxwe2Ja4+qLryOSB1GzKMQWwuh
c64F8NhOfh/6OT35schgSlu+wxvJycQqspdECLOw1E2re/gYKmSDpXdy1RgApzuX
Q5GUM6PNx9xvEYo7dukz3ko6ru/ueNcaAPokUmh2ZdXl1bHz8Gbxet1PCJzlX2kF
3LGX61fXRVdJ77/CvHnxn4EgQ16porycrfbs0AmT2SJz5xYZ7WaV7X6d/2T3B5Gq
NJ+vWUbv6g6SiHJ235XYoXH2ax4YIoBfMYNCmXBlUSm6GZucHqEaYBLqIV2WIWik
65noDR9iZw6OUVSjjNpMLtxGNJN9LQH+PkR297wBLeCEFYyziit9E/LvsMZAsYA6
SK3uuNh3K1TpJwOgZyUVbz70UBg893AnXwccRFQxYMnnMvEpjJxUyen1pkot3leU
BtCR64kmcfc8D1lSoOwi2GJPheuoNZ2rU+Q7BctMw+YkimjHK4DfJ8IHB+SlUmQt
5zDFf1rOJDgvFVSp70Tl
=zI6g
-----END PGP SIGNATURE-----
Andrew David Wong
Oct 21, 2016, 11:52:58 PM10/21/16
to Franz, jkitt, qubes-users, Marek Marczykowski-Górecki
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hash: SHA512
On 2016-10-21 20:50, Andrew David Wong wrote:
> On 2016-10-21 15:47, Franz wrote:
>> On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
>
>>> Shouldn't a security focused distro make security announcement in a more
>>> direct and urgent way? I was surprised to find that Qubes only had a
>>> 'users' and 'development' mailing list.
>>>
>>>
>
> Marek, what do you think about having a no-reply
> "qubes-announcements" mailing list?
>
(By "no-reply" I mean that only the Qubes team would be able to send
> On 2016-10-21 15:47, Franz wrote:
>> On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
>
>>> Shouldn't a security focused distro make security announcement in a more
>>> direct and urgent way? I was surprised to find that Qubes only had a
>>> 'users' and 'development' mailing list.
>>>
>>>
>
> Marek, what do you think about having a no-reply
> "qubes-announcements" mailing list?
>
messages to the list.)
> Messages sent from qubes-announcements would also be duplicated to
> qubes-devel and possibly qubes-users so that people have a chance to
> discuss and ask questions.
>
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYCuKNAAoJENtN07w5UDAwmTYP/3fS5PKb4ai3Kb+rBNtHxjA5
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
yer8fQ2Bk/mBlQRYJC48zMf96UxQviCet5jHWyaS/sUyoi7+YxwpIjozfhF2YHOL
pfj3tjFqhQOk/ukJGTsDxGOpwODVDnMuXYK0brLHMLttgt0w8fFsE4gxMPrOcpDT
5rpqZ74hg/r8D0NH0QSq07JnnWFqCOaX3vBQRj9UBQ8MKqLz+Wdw2r0QGOcD5K2K
QiSG/TZGDQFLDG+bwDYxoReMNX2XSAli1BNou4ftxlB3RTZLioHUoYb0USAur0i8
hE7c8IPZCr6oggI7aQEtrSQJPvDJQdazCqpv+5TzpXopASN95xHYMV6X8+exLZFq
P7g3xs6FVB3qewEMLm7vXzJq3w8a9wjBkvzU1UoPirvvG/g81O70uzlk2WDt4gdS
ryRRB5Qg/+gvV56du2SETBRBDGJ22LCgGMNIHzWOSO3ykNZiVBLs/rVdwIbetjyf
QWyGsd2zkw6w3SCMVlxg0a0Mgpdu0mtN90wiZt/KuBGImCondbiEjywjaQytDlq8
2ggzQsTPo6pBZNnzeluUzxz4uOowRmAjRq33FvDlUfD2RavmbxnHbvHEpZe/Qujs
1BpoULPAi5FrEnfsNpRyDzR1pkF7qEydFjqg7f8Zc5g+omsLQ7DPYhyQDkbFqMJz
H6a+w1WB6pTLH7XUHQZO
=694f
-----END PGP SIGNATURE-----
Marek Marczykowski-Górecki
Oct 22, 2016, 3:56:13 PM10/22/16
to Andrew David Wong, Franz, jkitt, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Fri, Oct 21, 2016 at 08:50:20PM -0700, Andrew David Wong wrote:
> On 2016-10-21 15:47, Franz wrote:
> > On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
> >
> >> Shouldn't a security focused distro make security announcement in a more
> >> direct and urgent way? I was surprised to find that Qubes only had a
> >> 'users' and 'development' mailing list.
> >>
> >>
>
> Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
>
> Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
I'm not sure if it worth it. There is not much such announcements. On
the other hand, this may be exactly the reason for having a separate
mailing list for this. For now, we have already some non-email channels
for announcements:
- @QubesOS on twitter - every security and release announcement is
duplicated there
- https://www.qubes-os.org/news/, with its RSS/Atom feed; but we don't
link security announcements there - maybe we should start?
If you think additional ML channel would be useful, then sure, we can
create one.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJYC8RXAAoJENuP0xzK19cs8MgIAIEV8JJWXysyDB3k5ilvDUzQ
fmebsTcS75WU/2VkrFu5Qnj831N/17MsAFEvT4P8LmGm/N8wdtzpwnNc6/QrPtHc
XJtyI8Wa8TglXUPMfoz9PvVgIFnZgUh9WGXr01d57U0XTfy2PqGPvNKo8ccocftp
ijl189aYraicdoLzd8fhW6F+ngG/lR05aQ06bKWqztgBAmpmu4Wo1+o0zO/IMLYg
FB8Bp/5IVNKR5/eNsqtH4q6lubNCttIoYafjjGnUwGapF96FsIbWMrBfXDX993Wx
DJr+9PWp6BdYRWowAwgYEuwWYNUvl6ljZaO2Ojr/NJSe0SgZrakG7N1XV9Df4F0=
=N5DD
-----END PGP SIGNATURE-----
Hash: SHA256
On Fri, Oct 21, 2016 at 08:50:20PM -0700, Andrew David Wong wrote:
> On 2016-10-21 15:47, Franz wrote:
> > On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
> >
> >> Shouldn't a security focused distro make security announcement in a more
> >> direct and urgent way? I was surprised to find that Qubes only had a
> >> 'users' and 'development' mailing list.
> >>
> >>
>
> Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
>
> Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
the other hand, this may be exactly the reason for having a separate
mailing list for this. For now, we have already some non-email channels
for announcements:
- @QubesOS on twitter - every security and release announcement is
duplicated there
- https://www.qubes-os.org/news/, with its RSS/Atom feed; but we don't
link security announcements there - maybe we should start?
If you think additional ML channel would be useful, then sure, we can
create one.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJYC8RXAAoJENuP0xzK19cs8MgIAIEV8JJWXysyDB3k5ilvDUzQ
fmebsTcS75WU/2VkrFu5Qnj831N/17MsAFEvT4P8LmGm/N8wdtzpwnNc6/QrPtHc
XJtyI8Wa8TglXUPMfoz9PvVgIFnZgUh9WGXr01d57U0XTfy2PqGPvNKo8ccocftp
ijl189aYraicdoLzd8fhW6F+ngG/lR05aQ06bKWqztgBAmpmu4Wo1+o0zO/IMLYg
FB8Bp/5IVNKR5/eNsqtH4q6lubNCttIoYafjjGnUwGapF96FsIbWMrBfXDX993Wx
DJr+9PWp6BdYRWowAwgYEuwWYNUvl6ljZaO2Ojr/NJSe0SgZrakG7N1XV9Df4F0=
=N5DD
-----END PGP SIGNATURE-----
Marek Marczykowski-Górecki
Oct 22, 2016, 3:56:50 PM10/22/16
to Andrew David Wong, Franz, jkitt, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On Sat, Oct 22, 2016 at 09:56:07PM +0200, Marek Marczykowski-Górecki wrote:
> On Fri, Oct 21, 2016 at 08:50:20PM -0700, Andrew David Wong wrote:
> > On 2016-10-21 15:47, Franz wrote:
> > > On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
> > >
> > >> Shouldn't a security focused distro make security announcement in a more
> > >> direct and urgent way? I was surprised to find that Qubes only had a
> > >> 'users' and 'development' mailing list.
> > >>
> > >>
> >
> > Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
> >
> > Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
>
> I'm not sure if it worth it. There is not much such announcements. On
> the other hand, this may be exactly the reason for having a separate
> mailing list for this. For now, we have already some non-email channels
> for announcements:
> - @QubesOS on twitter - every security and release announcement is
> duplicated there
> - https://www.qubes-os.org/news/, with its RSS/Atom feed; but we don't
> link security announcements there - maybe we should start?
>
> If you think additional ML channel would be useful, then sure, we can
> create one.
"would be useful" -> "those existing are not enough".
> On Fri, Oct 21, 2016 at 08:50:20PM -0700, Andrew David Wong wrote:
> > On 2016-10-21 15:47, Franz wrote:
> > > On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
> > >
> > >> Shouldn't a security focused distro make security announcement in a more
> > >> direct and urgent way? I was surprised to find that Qubes only had a
> > >> 'users' and 'development' mailing list.
> > >>
> > >>
> >
> > Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
> >
> > Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
>
> I'm not sure if it worth it. There is not much such announcements. On
> the other hand, this may be exactly the reason for having a separate
> mailing list for this. For now, we have already some non-email channels
> for announcements:
> - @QubesOS on twitter - every security and release announcement is
> duplicated there
> - https://www.qubes-os.org/news/, with its RSS/Atom feed; but we don't
> link security announcements there - maybe we should start?
>
> If you think additional ML channel would be useful, then sure, we can
> create one.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
UbD20hLqNiXdStIXorq3KKvJpprPu0ZM+8yMyfrrwmpKVRWDW5SPh+BnkhRORPik
QlrexmT9Us2Q8PedVyrwj9dhjkcuRPUsx/nApLyZ8FMTi5Hyb2hvToLX212FiCiv
+ng03V2EUZshmunN4BhVisDT6i5VziaDjxgKiydmqUNFUDXBC6O+pbxG6GWhwgZf
5RIrBZvH2r50HIwpuWGEJTXBeVcs58CWU3tNgJxJAfdY8FGVAIgeP40wwCmHltxX
HQsDIKcO2gD3Tc/ovSGM0PWcPCXWdStNRuK/cIzrrmyN/GGJOaxWeIOzfYQC5J8=
=H/qv
-----END PGP SIGNATURE-----
Andrew David Wong
Oct 23, 2016, 3:00:53 AM10/23/16
to Marek Marczykowski-Górecki, Franz, jkitt, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 2016-10-22 12:56, Marek Marczykowski-Górecki wrote:
> On Sat, Oct 22, 2016 at 09:56:07PM +0200, Marek Marczykowski-Górecki wrote:
>> On Fri, Oct 21, 2016 at 08:50:20PM -0700, Andrew David Wong wrote:
>>> On 2016-10-21 15:47, Franz wrote:
>>>> On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
>>>>
>>>>> Shouldn't a security focused distro make security announcement in a more
>>>>> direct and urgent way? I was surprised to find that Qubes only had a
>>>>> 'users' and 'development' mailing list.
>>>>>
>>>>>
>>>
>>> Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
>>>
>>> Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
>
>> I'm not sure if it worth it. There is not much such announcements. On
>> the other hand, this may be exactly the reason for having a separate
>> mailing list for this. For now, we have already some non-email channels
>> for announcements:
>> - @QubesOS on twitter - every security and release announcement is
>> duplicated there
>> - https://www.qubes-os.org/news/, with its RSS/Atom feed; but we don't
>> link security announcements there - maybe we should start?
>
>> If you think additional ML channel would be useful, then sure, we can
>> create one.
>
> "would be useful" -> "those existing are not enough".
>
The main reason to have such a mailing list would be so that people who
don't want to use Twitter or RSS, and/or who want to receive *only*
critical updates via email can have a way to do so.
Some people might be opposed to Twitter as a platform. Probably fewer
would object to RSS, but it might be inconvenient for them for one
reason or another. Both Twitter and RSS include many non-critical
updates.
I don't know how much demand there is for the ability to receive only
critical updates via email. If there's high demand, we should do it.
If there's little or no demand, then it might not be worthwhile to saddle
ourselves with the additional overhead. The problem is that we don't have
any data on which to base the decision. Shall I create a poll?
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJYDGAGAAoJENtN07w5UDAwl4wQAJorbpnBb9QtNxLJ4foD6MTp
h2l/RaH2P75w58aTHP2/VA2LM3mVvkqzQI+cstKdmEoEkMSiuZxKG0+/zUYBvkfl
BauTumkpexJQ1OPjn0uu2Foee4v7l2a46XLzHdGTXmfKUL6953JSH/Dm+zY8waJj
F1S9cPkw0/HDvoGiVUso5qDxnv2UO/uCK/1ivR06SCvnfWR3AeE5iS+BZaNFZ1wC
Vf76fFdCqfuqfhG9bxjcz7zJnK5epaLVnoiaCR4t9XpKFgAwfPcpDIfyGPaoECKb
6FlltXKxjgb1WyV+XqnMLgTzwELTlkAGeDtkTEfnDrw1S74xdZNpDznPzIpqlJEr
9BQmcDucsnPX6ehNRU/ygHeV6zaDLjHyqCTBc9Bwt1ug6CRal4vR2iK2OPRp91pS
AZRIyBeW2Z4ysSe8FxgQoo25QI6cWtmM6PrXxp7XvexZJADpPBPPAB1fwE4A1bcD
ShjeuIXEyqZD59xNU+IN3D7qnG0cNRSB7kKfoXHKkVCogQfH2tXvDjzxLpE4nn1a
mO9blcJYc97hhBxhIhtUJEMdLSDL/bv8Evg8EUve9U1D5jOk9mr2Mq8pGcq80tGy
rJETaiqCzNQKvToJm9fc//YQrp1CWfeaX14FZY9Wrl/o1sy7gZArWEW3gVHJwWun
p7yGN78z6AP1oyS2XuPh
=vQ+J
-----END PGP SIGNATURE-----
Hash: SHA512
On 2016-10-22 12:56, Marek Marczykowski-Górecki wrote:
> On Sat, Oct 22, 2016 at 09:56:07PM +0200, Marek Marczykowski-Górecki wrote:
>> On Fri, Oct 21, 2016 at 08:50:20PM -0700, Andrew David Wong wrote:
>>> On 2016-10-21 15:47, Franz wrote:
>>>> On Fri, Oct 21, 2016 at 4:00 AM, jkitt <jazzki...@gmail.com> wrote:
>>>>
>>>>> Shouldn't a security focused distro make security announcement in a more
>>>>> direct and urgent way? I was surprised to find that Qubes only had a
>>>>> 'users' and 'development' mailing list.
>>>>>
>>>>>
>>>
>>> Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
>>>
>>> Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
>
>> I'm not sure if it worth it. There is not much such announcements. On
>> the other hand, this may be exactly the reason for having a separate
>> mailing list for this. For now, we have already some non-email channels
>> for announcements:
>> - @QubesOS on twitter - every security and release announcement is
>> duplicated there
>> - https://www.qubes-os.org/news/, with its RSS/Atom feed; but we don't
>> link security announcements there - maybe we should start?
>
>> If you think additional ML channel would be useful, then sure, we can
>> create one.
>
> "would be useful" -> "those existing are not enough".
>
don't want to use Twitter or RSS, and/or who want to receive *only*
critical updates via email can have a way to do so.
Some people might be opposed to Twitter as a platform. Probably fewer
would object to RSS, but it might be inconvenient for them for one
reason or another. Both Twitter and RSS include many non-critical
updates.
I don't know how much demand there is for the ability to receive only
critical updates via email. If there's high demand, we should do it.
If there's little or no demand, then it might not be worthwhile to saddle
ourselves with the additional overhead. The problem is that we don't have
any data on which to base the decision. Shall I create a poll?
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
h2l/RaH2P75w58aTHP2/VA2LM3mVvkqzQI+cstKdmEoEkMSiuZxKG0+/zUYBvkfl
BauTumkpexJQ1OPjn0uu2Foee4v7l2a46XLzHdGTXmfKUL6953JSH/Dm+zY8waJj
F1S9cPkw0/HDvoGiVUso5qDxnv2UO/uCK/1ivR06SCvnfWR3AeE5iS+BZaNFZ1wC
Vf76fFdCqfuqfhG9bxjcz7zJnK5epaLVnoiaCR4t9XpKFgAwfPcpDIfyGPaoECKb
6FlltXKxjgb1WyV+XqnMLgTzwELTlkAGeDtkTEfnDrw1S74xdZNpDznPzIpqlJEr
9BQmcDucsnPX6ehNRU/ygHeV6zaDLjHyqCTBc9Bwt1ug6CRal4vR2iK2OPRp91pS
AZRIyBeW2Z4ysSe8FxgQoo25QI6cWtmM6PrXxp7XvexZJADpPBPPAB1fwE4A1bcD
ShjeuIXEyqZD59xNU+IN3D7qnG0cNRSB7kKfoXHKkVCogQfH2tXvDjzxLpE4nn1a
mO9blcJYc97hhBxhIhtUJEMdLSDL/bv8Evg8EUve9U1D5jOk9mr2Mq8pGcq80tGy
rJETaiqCzNQKvToJm9fc//YQrp1CWfeaX14FZY9Wrl/o1sy7gZArWEW3gVHJwWun
p7yGN78z6AP1oyS2XuPh
=vQ+J
-----END PGP SIGNATURE-----
Joonas Lehtonen
Oct 23, 2016, 10:06:11 PM10/23/16
to qubes...@googlegroups.com
>> I'm not sure if it worth it. There is not much such announcements. On
>> the other hand, this may be exactly the reason for having a separate
>> mailing list for this.
I would also love to see a QSB-announce mailing (especially because
>> the other hand, this may be exactly the reason for having a separate
>> mailing list for this.
qubes-users is quite active, and only subscribing to qubes-users to
filter for "[qubes-users] Announcing QSB #" is not the best way to
handle the current lack of QSB-announce).
I guess it is not a big effort for you to create one more list and send
the QSB's to one more recipient.
Looking forward to be able to subscribe to QSB-announce :)
> For now, we have already some non-email channels
>> for announcements:
>> - @QubesOS on twitter - every security and release announcement is
>> duplicated there
>> - https://www.qubes-os.org/news/, with its RSS/Atom feed; but we don't
>> link security announcements there - maybe we should start?
>
>> If you think additional ML channel would be useful, then sure, we can
>> create one.
Joonas
raah...@gmail.com
Oct 23, 2016, 11:12:43 PM10/23/16
to qubes-users, 169...@gmail.com, jazzki...@gmail.com, marm...@invisiblethingslab.com
On Friday, October 21, 2016 at 11:50:33 PM UTC-4, Andrew David Wong wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 2016-10-21 15:47, Franz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 2016-10-21 15:47, Franz wrote:
> > On Fri, Oct 21, 2016 at 4:00 AM, jkitt wrote:
> >
> >> Shouldn't a security focused distro make security announcement in a more
> >> direct and urgent way? I was surprised to find that Qubes only had a
> >> 'users' and 'development' mailing list.
> >>
> >>
>
> Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
>
> Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
>
> >
> >> Shouldn't a security focused distro make security announcement in a more
> >> direct and urgent way? I was surprised to find that Qubes only had a
> >> 'users' and 'development' mailing list.
> >>
> >>
>
> Marek, what do you think about having a no-reply "qubes-announcements" mailing list?
>
> Messages sent from qubes-announcements would also be duplicated to qubes-devel and possibly qubes-users so that people have a chance to discuss and ask questions.
>
oh good idea, like a regular security mailing list which is just patch announcements.
Reply all
Reply to author
Forward
0 new messages