> On Wed, Nov 05, 2014 at 06:13:40PM +0000, Miod Vallat wrote: > > > This is suspicious person for me (group of people?). There are lots of > > > commits since about 2011 in many low-level and/or critical components > > > from this person: linux kernel, android, gnupg, tcpdump, alsa, tor, > > > openssl etc, etc.. > > > > > > I'm almost certainly wrong, but not too much there competencies for one > > > person? > > > > This kind of comment is an insult, both to the submitter, and to our > > code review process. > > On the issue of the code review: > http://cm.bell-labs.com/who/ken/trust.html (Ken Thompson, 1984)
And... do you trust me? Do you trust Miod? Why? No really, precisely why do you trust us? What a joke. > > That said, I remember Itojun used to have his name tied to way too many > > projects, not only because he was an amazing programmer, but also > > because he acted as the english spokeperson for many other japanese > > developers whose english skills weren't as good as Itojun's. This might > > be a similar story here, with russian people not good enough at english. > > I said that 99.9% I'm wrong. But if I'm right, you guys will have a > problem far worse than ever with ipsec. I believe that the code review > of such diffs should be tightened when it comes to such important things > as the kernel and/or the crypto. Tightened up to accepting of code only > from people personally known to core developers. That is quite a fiction. How do we find people on the internet who care, and knit them into a community, and then somewhere down the road meet them and have them become this so-called 'core developer' group? We start reading code from them. Perhaps it is easier for people who are not part of this process, to find ways to disparage this human effort. > Otherwise OpenBSD's security little different from Linux security in > today's reality. Eric S. Raymond's bazaar - The Achilles heel in a > situation, where you can not say with certainty who came from diff. Well, we never promised our processes to be better than the standard human processes. But I guess you believe we can do better, without any significant backing. So who's the fool now? I think you are.
