Revising OpenWrt Rules

[Fernando Frediani]

Why not just keep it simple ?

If the text is kept as: "Decisions should be made public" leaves up to 
the decisonmakers to resolve if something specific should be discussed 
in public or not due to sensitiveness under their own judgment.

Perhaps something can be added to the rules is stating clearly that if a 
decision is about another decisionmaker then he/she cannot vote.

I don't think this way transparency and mainly democracy are being 
violated in any way. The default rule is to be public and regarding 
democracy it is among those who can vote, therefore the decisionmakers.
It's not about having any secret society, after all the default rule is 
publicly, that's how it is currently and I agree it to continue, but it 
cannot be written in a way that doesn't leave much options to own 
decisionmakers to variate it when necessary. I think is fair to trust 
their judgment of what exceptional cases should be treated accordingly.

Regards
Fernando

On 05/10/2020 10:48, Sam Kuper wrote:
> On Mon, Oct 05, 2020 at 11:55:41AM +0200, Paul Oranje wrote:
>> Op 4 okt. 2020 heeft Fernando Frediani het volgende geschreven:
>>> Nobody is going to judge in his own cause. I mentioned when having to
>>> take a decision about another decision maker for example, that
>>> involves other people or other institution with who the project may
>>> have some agreement.
>>>
>>> Transparency is good but that must not be absolute. There are
>>> occasions where discussions may not be help in public due to
>>> sensitive matters. Yes fairness comes before and that can be achieved
>>> the either way.  The ones who matters most in this context are the
>>> own decisionmakers and they will be involved in that.
>> Making decisions in public does not preclude respecting the
>> sensitivity of certain matters, e.g. when positions of people are
>> concerned, or handling security issues. For cases as those necessarily
>> information is only shared once appropiate, but outside such special
>> cases the general principle should be: in public.
> It seems you agree decisions should be made in public, except for two
> specific topics you say should be exempt:
>
> - positions of specific people;
>
> - security issues.
>
>
> I'm not sure why the former needs to be exempt.  Suppose decisionmaker A
> gets concerned decisionmaker B is abusing the community's trust.
> Decisionmaker A could, on the relevant mailing list, explain their
> concerns & propose a (public) vote among the decisionmakers on whether
> decisionmaker B be should removed from their roster of decisionmakers.
> This would afford decisionmaker B the chance to defend themselves, and
> the rest of the decisionmakers (and the community) the chance to
> evaluate both sides' claims and to offer additional evidence either way.
> (N.B. All interpersonal disputes are contentious.  Better that they be
> contentious and transparent like this, than contentious and opaque.)
>
>
>
> Re: security issues, I'm more sympathetic to your view.  I realise that
> responsible disclosure, whether outbound from OpenWRT to upstream, or
> inbound from someone else to OpenWRT, may require fixes to be discussed
> and developed privately (e.g. under embargo) before the vulnerability is
> publicly disclosed.
>
>
>
> Maybe the best solution would be to have wording a bit like this:
>
>      Decisions must be made in public, unless they concern embargoed
>      security issues (maximum embargo length: 3 months, non-renewable).
>
>
> Would that be closer to satisfying your concerns?  Would you like to
> propose better wording?
>
> All best,
>
> Sam
>