On 2017-11-22 21:10, Rob Stradling via dev-security-policy wrote: > On 22/11/17 11:45, marcan via dev-security-policy wrote: >> On 22/11/17 20:41, Tom via dev-security-policy wrote: >>>> Although not listed in the Action plan in #1311824, it is noteworthy >>>> that Richard Wang has apparently not been relieved of his other >>>> responsibilities, only the CEO title >>> >>> Do you have a link about the relieved of the CEO title? >>> >>> https://www.wosign.com/english/about.htm has been updated with the new >>> name, WoTrus, and currently says "Richard Wang, CEO&CTO" >>> >> >> It was discussed here in the past (and IIRC was part of the requirements >> for re-inclusion, since he was a large part of the problem), but the >> fact that so far it seems Richard Wang has been the main person to >> interact on this mailing list from the WoSign (now WoTrus) side makes me >> wonder if that wasn't all a ruse. He certainly seems to still be very >> much in charge. > > "Richard Wang will be relieved of his duties as CEO of WoSign and other > responsibilities" seems to be a forward-looking statement with no firm > implementation date. I think we should at least give WoTrus an > opportunity to clarify Richard's position before we pass judgment on > whether or not this was "all a ruse".
It's worth considering the implications of him remaining on board for an extended period of time. Presumably the reason why him leaving was made a requirement was because he has lost trust with the community and it was deemed that he was directly responsible for a lot of WoSign's woes. If that is the case, then it stands to reason that removing him as soon as possible would be the best course of action for WoSign in order to improve their security and recover community trust. After all, if Richard Wang has been running the ship all along, then leaves the day before a re-inclusion request is filed, should the community trust the system and company which were built under his watch? Sure, this meets the letter of the requirements, but I think it's fair to say it wouldn't meet the spirit, or at least reduce confidence and WoSign's chances for re-inclusion. -- Hector Martin "marcan" (mar...@marcan.st) Public Key: https://mrcn.st/pub _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
