Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Team #39

Merged
merged 7 commits into from
Feb 26, 2020
Merged

Security Team #39

merged 7 commits into from
Feb 26, 2020

Conversation

j01tz
Copy link
Member

@j01tz j01tz commented Jan 24, 2020
edited
Loading

Rendered link to RFC document

This is a proposal to create a security team for Grin.

@lehnberg lehnberg mentioned this pull request Jan 24, 2020
Closed
@lehnberg lehnberg added the core Related to core team label Jan 27, 2020
@lehnberg
Copy link
Contributor

@j01tz it was brought to my attention that as both security team and core team are intermixed in the document, vetoes that the security team members have might mistakenly be read as applying to core team decisions. Perhaps it could be made clearer that the vetoes only apply on security team decisions?

Also following gov meeting just now, would be great if you could drop "sub-team" for just "team" instead in the doc. :)

@lehnberg lehnberg self-assigned this Jan 28, 2020
@j01tz
Copy link
Member Author

j01tz commented Jan 28, 2020

Following your comment, I'm debating language use in veto section

Any member of the security team may veto an impactful security-related decision

or

Any member of the security team may veto an impactful security team decision

The former gives the team the ability to broadly veto any impactful security-related decision (though doesn't guarantee its awareness of these situations). The latter restricts it to "security team decisions" which would be narrowly interpreted as what is specified in the RFC document and what is explicitly delegated by core.

Depending on the approach we could do a better job in the RFC of spelling out what are explicitly security team decisions if we don't want to leave "security-related decisions" up to interpretation.

@lehnberg
Copy link
Contributor

I’d be inclined to go with the latter: security team decision

Practically speaking, the remits of the security team is contained within the security team itself. It cannot get veto powers on matters that are not handled by the team.

@j01tz j01tz changed the title [WIP] Security Subteam [WIP] Security Team Jan 28, 2020
@j01tz
Copy link
Member Author

j01tz commented Jan 28, 2020

Thanks very much for the feedback.

  • Changed the "subteam" language to reflect updates from the meeting
  • Added language to clarify "security team decisions" for vetoes and deadlocks

@j01tz j01tz changed the title [WIP] Security Team Security Team Feb 10, 2020
@j01tz j01tz marked this pull request as ready for review February 10, 2020 17:52
@lehnberg
Copy link
Contributor

Looks good @j01tz, bar any objections from others I'm going to recommend that this RFC moves into Final Comment Period with a disposition to merge tomorrow during the governance meeting. 👍

@lehnberg
Copy link
Contributor

Following discussion in today's Governance meeting, and in line with our governance process, this RFC can be considered being in Final Comment Period from today, with a disposition to merge in two weeks time, on February 25.

Please ensure any comments are made before then! ⏳

lehnberg
lehnberg reviewed Feb 20, 2020
View reviewed changes
Copy link
Contributor

@lehnberg lehnberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Took quite a detailed pass @j01tz, let me know what you think 👍

text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
text/0000-security-team.md Outdated Show resolved Hide resolved
@j01tz
Copy link
Member Author

j01tz commented Feb 20, 2020

Thanks for the feedback @lehnberg. I think I was able to address your comments. I also added a line for clarification in the decision making section.

@yeastplume
Copy link
Member

Looks good to go as is, thanks @j01tz for putting all of this together.

@lehnberg lehnberg mentioned this pull request Feb 26, 2020
Open
3 tasks
@lehnberg
Copy link
Contributor

Following discussion in yesterday's Governance meeting, and in line with our governance process, following two weeks of final comment period, this RFC can now be considered Accepted. 🎉

@lehnberg lehnberg merged commit 1e6b8bd into mimblewimble:master Feb 26, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lehnberg lehnberg lehnberg left review comments

Assignees

@lehnberg lehnberg

Labels
core Related to core team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@j01tz @lehnberg @yeastplume