Group Proposal, for discussion: Vulnerability Group
volker.simonis at gmail.com
Thu Oct 12 07:38:54 UTC 2017
what's the current status of this group/proposal?
Can you please at least post a final version of the "OPENJDK
VULNERABILITY GROUP NONDISCLOSURE AND LICENSE AGREEMENT"? The one you
is still marked as "Draft". I really want to get this agreement signed
by my employer but I'm currently stuck because it makes little sense
to sign a draft document.
Thank you and best regards,
On Tue, Sep 5, 2017 at 8:38 PM, Martijn Verburg
<martijnverburg at gmail.com> wrote:
> Hi Mark,
> Apologies for the radio silence. I was going to suggest edits de-emphasising
> Oracle's leadership / central role in this group, not because Oracle
> doesn't deserve to or have the right to lead, but more that I wanted to see
> the principles of shared vulnerability ownership (across all the vendors)
> front and center in the proposal.
> After a careful re-read of the doc I've realised that my impression was
> plain wrong and that the shared ownership is very much advocated.
> Thanks again for proposing this important group, it's really good to see!
> On 24 August 2017 at 22:16, <mark.reinhold at oracle.com> wrote:
>> 2017/8/24 10:33:41 -0700, martijnverburg at gmail.com:
>> > Totally applaud this idea! I have some suggested wording changes that
>> > might be easiest to suggest as a diff or some sort of track changes on
>> > original text. Do you have a preferred mechanism for that type of
>> If you'd like to propose a patch, I've posted the Markdown source here:
>> - Mark
More information about the discuss