[dpl-helpers] Evaluation criterias for prospective Trusted Organizations
Lucas Nussbaum
leader at debian.org
Thu Jan 2 19:33:19 UTC 2014
Hi,
On 15/12/13 at 13:49 +0100, Stefano Zacchiroli wrote:
> On Fri, Dec 13, 2013 at 07:13:10PM +0100, Lucas Nussbaum wrote:
> > So, new proposal below, where I tried to consolidate all points raised
> > so far.
>
> Thanks for this new text, it looks generally good to me.
> Some minor comments are inlined below.
>
> > The organization should share Debian's general visions
> > ======================================================
> >
> > The organization's activities and political stance should generally
> > match Debian's own political and philosophical stances. If the
> > organization is holding assets for other organizations, they should also
> > generally match Debian's own political and philosophical stances.
>
> The second sentence here looks problematic to me. If we take that as a
> principle, it seems to imply that organizations that have been
> recognized as TOs should seek Debian approval before accepting other
> projects under their umbrella, barring the risk that Debian might want
> to walk away if the don't do so. Given Debian might decide anyhow to
> walk away whenever we see fit, I'd just remove the second sentence. It's
> not clear what it gives us.
OK
> > The organization should provide accountability on assets held in trust
> > ======================================================================
> >
> > Some examples of possible implementations:
> > - The organization provides, on a regular and frequent basis,
> > detailed reports of assets tranfers and balance sheets, in a
> > machine-parsable format.
>
> I suggest to give an idea of what we consider "regular and frequent
> basis", even if only as an example. As mentioned before, I'd go for
> "quarterly".
>
> > - The organization provides a direct access to Debian's accounts,
> > in a machine-parsable format.
>
> I think what you mean here with "direct" is access to the live data. I
> suggest to explicitly say so.
OK
Thanks for the feedback!
I've copied the resulting list, including your suggestions, to
https://wiki.debian.org/Teams/DPL/TrustedOrganizationCriteria
Any other comments? From Auditors maybe?
If not, I will reach out to SPI, FFIS, Debian.ch and Debian France to
see if they have feedback or questions about that document.
Regarding the official, constitutional process of discussing the
addition of TOs, it would probably make sense to go through it for each
of SPI, FFIS, Debian.ch and Debian France. It's highly unlikely one of
them won't qualify, but it's still an opportunity to revisit where they
stand.
Lucas
More information about the DPL-helpers
mailing list