Re: [opensc-devel] Changed certificate on opensc-project.org
Dear Martin, opensc-project.org SSL certificate expired (kind of suddenly, there should have been a reminder but that did not arrive for some reason), the checksums of the new one are: MD5: 68786c3e0cfe44e31d6c789e767605d5 SHA1: d7af30e8dfd9b6433353999f24e5dbb74132a988 Nice to see you on board. Could you have a look at our previous posts and confirm that : 1) The OpenSC project is not owned by you but by the community at large. 2) That you are a system administrator and developper. As such, you admit to serve the community. The reason behind is that we would like to avoid OpenSC becoming another project like CCID or Apple Tokend, where one or two persons lock down commits. Please have a look at this page: http://smartcardservices.macosforge.org/trac/wiki/team CCID Engineering • Lead: Ludovic Rousseau • Dev: Ludovic Rousseau PCSCD Engineering • Lead: Ludovic Rousseau • Dev: Ludovic Rousseau I am worried that a a small team of committers linked to companies lead to interest conflicts. For example, tokend has an outdated CCID, an outdated libUSB and only some vendor drivers are updated, including Gemalto. Furthermore, you don't seem to answer our emails. Which leads me to believe that you are acting as an owner and not as a system administrator. Please confirm by writing that you are not OpenSC owner. And please don't answer us something like go fork, we are not going to do it. When the project was handed over by Andreas, it was a community and shall remain. Kind regards, -- Jean-Michel Pouré - Gooze - http://www.gooze.eu smime.p7s Description: S/MIME cryptographic signature ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Changed certificate on opensc-project.org
Jean-Michel, Le 23 mars 2012 08:58, Jean-Michel Pouré - GOOZE jmpo...@gooze.eu a écrit : Dear Martin, opensc-project.org SSL certificate expired (kind of suddenly, there should have been a reminder but that did not arrive for some reason), the checksums of the new one are: MD5: 68786c3e0cfe44e31d6c789e767605d5 SHA1: d7af30e8dfd9b6433353999f24e5dbb74132a988 Nice to see you on board. Could you have a look at our previous posts and confirm that : 1) The OpenSC project is not owned by you but by the community at large. 2) That you are a system administrator and developper. As such, you admit to serve the community. It is not nice to hijack a thread and change the discussion. The reason behind is that we would like to avoid OpenSC becoming another project like CCID or Apple Tokend, where one or two persons lock down commits. Please have a look at this page: http://smartcardservices.macosforge.org/trac/wiki/team CCID Engineering • Lead: Ludovic Rousseau • Dev: Ludovic Rousseau PCSCD Engineering • Lead: Ludovic Rousseau • Dev: Ludovic Rousseau I am worried that a a small team of committers linked to companies lead to interest conflicts. For example, tokend has an outdated CCID, an outdated libUSB and only some vendor drivers are updated, including Gemalto. I do not remember having seen _ANY_ patch from you regarding the http://smartcardservices.macosforge.org/ project. You have to understand that free software projects (in a large part) are do-ocracy and not democracy. The people doing things decide how they do it. If you want to get a commit write access you shall first provide good patches and work. It does not work in the reverse order. If you are not happy with what Apple provides in the OS then contact Apple, not me or this mailing list. Furthermore, you don't seem to answer our emails. Which leads me to believe that you are acting as an owner and not as a system administrator. Please confirm by writing that you are not OpenSC owner. And please don't answer us something like go fork, we are not going to do it. When the project was handed over by Andreas, it was a community and shall remain. You cannot _require_ anything from volunteers. And you are very rude trying to do that. Regards, -- Dr. Ludovic Rousseau ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Changed certificate on opensc-project.org
Dear Ludovic and all, You have to understand that free software projects (in a large part) are do-ocracy and not democracy. The people doing things decide how they do it. If you want to get a commit write access you shall first provide good patches and work. It does not work in the reverse order. Over the past years, we saw many Apple projects turning into semi-private project. Another example is CUPS. Of course, CUPS systems are available in Linux. But drivers are old and Apple always provides updated drivers. The way Apple controls open-source projects is that there is a limited number of people with commit access, which are their employees or contractors. Also, the fact that you may ask money to review code and commit it to libccid or pcsc-lite strikes me. Of course, you accept any bug fix for free. But large companies have to pay. This is probably why some companies prefer to publish a libccid fork and not commit to main trunk. Therefore looking at the current OpenSC organization, I can only think about the way things evolved at pcsc-lite and tokend. We all agree here that OpenSC is not a semi-closed project and we ask you and Marin to confirm that: 1) The OpenSC project is owned by the community at large, not one or two individuals. 2) That Martin and You are system administrators and developers. As such, you admit to serve the community. You are not the owners. This is rather simple! Why should it be rude? We don't want OpenSC to turn into another pcsc-lite and/or tokend, please understand. Until you don't write Yes I agree to both statements, there will be a believe in the community that you are trying to take over. Kind regards, -- Jean-Michel Pouré - Gooze - http://www.gooze.eu smime.p7s Description: S/MIME cryptographic signature ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Changed certificate on opensc-project.org
What exactly are you trying to achieve? Dear Emanuelle, In the past, main OpenSC developers used to have write access to the main trunk or at least to their development. This is no longer the case. The new collaboration tools like GIT are used to limit the power of the main developers. Over the past months, OpenSC slowly evolved into a project like pcsc-lite and tokend: * Only one or two members control commits. * As a result, they are overwhelmed with work and cannot keep on reviewing patches. Some patches have been around for 6 months. * pcsc-lite project is asking some companies to pay for review and I am worried about that. Also I don't trust the way tokend is managed, as I can see activity around Gemalto drivers, not elsewhere. I know several companies releasing their own libccid and this is not good. So to make it clear, I don't trust Ludovic Rousseau to defend our interest, although he is a good developer. For example, there never was a speed detection algorithm in libccid, so that some smartcard readers do initialize at low speed. But some Gemalto readers do initialize thanks to some libccid hack in code. Apple does exactly the same when some CUPS drivers are not comparable in Mac OS X and other systems. This is rather subtle, but I begin to understand some marketing techniques. * For me the next step is a company like Apple or Gemalto taking over OpenSC. Some reviewers are already Gemalto contractors, this is not a secret. when reading your statement Emmanuele, we understand that you are serving the community. Thanks. Now we are asking Ludovic and Martin to make a statement where the they confirm a) and b): 1) The OpenSC project is owned by the community at large, not one or two individuals. 2) Martin and Ludovic are system administrators and developers. As such, you admit to serve the community. They are not the owners. Is that SO hard to write? Is that being rude? I don't believe so. Kind regards, -- Jean-Michel Pouré - Gooze - http://www.gooze.eu smime.p7s Description: S/MIME cryptographic signature ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Changed certificate on opensc-project.org
2012/3/23 Jean-Michel Pouré - GOOZE jmpo...@gooze.eu: In the past, main OpenSC developers used to have write access to the main trunk or at least to their development. Even minor ones, such as myself. This is no longer the case. The new collaboration tools like GIT are used to limit the power of the main developers. I do not think so. Anybody is free to write code and share it. * Only one or two members control commits. * As a result, they are overwhelmed with work and cannot keep on reviewing patches. Some patches have been around for 6 months. Please understand that nobody needs to be a committer in order to be a reviewer. Anyone can be a reviewer, and Gerrit is meant to make that easier. I think that my own position is fairly close to Peter's on this matter. If I had seen code reviews on this list, and their iterations had output reviewed code that did not make it into trunk, I'd agree with you that limited commit rights are a bottleneck. Since I haven't, I can't really say that committers are the bottleneck. I am sure that there are many good examples of this notion. I'll share the first example that comes to my mind, which is the Illumos development process. You can see this going on at https://www.listbox.com/member/archive/182179/=now (even without advanced tools like Gerrit). I will not comment on pcsc-lite, as I don't know enough about it, but I agree with everything that Martin has written today on this list. * For me the next step is a company like Apple or Gemalto taking over OpenSC. Some reviewers are already Gemalto contractors, this is not a secret. This is more of a conspiracy theory than anything else, IMVHO. I might even comment, tongue-in-cheek, that if nobody except Gemalto contractors is interested in reviewing code, then maybe that would be a reasonable course of action. ;) when reading your statement Emmanuele, we understand that you are serving the community. Thanks. I actually scratched my own itch. It happened to be the same itch of a larger community, and after that I did agree to doing some work to benefit other community members but not myself. That is all. Now we are asking Ludovic and Martin to make a statement where the they confirm a) and b): 1) The OpenSC project is owned by the community at large, not one or two individuals. I think that your notion of ownership, as you explained by way of the car example, is misleading at best. A FLOSS project such as this is more concerned with stewardship than ownership, as far as I can see. Best regards, -- Emanuele ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Changed certificate on opensc-project.org
Dear Emanuele, Please understand that nobody needs to be a committer in order to be a reviewer. Anyone can be a reviewer, and Gerrit is meant to make that easier. Sure. If all developers had the ability to vote on Gerrit and apply patches, this would solve many problems. Is that the case already? Please advise. Kind regards, -- Jean-Michel Pouré - Gooze - http://www.gooze.eu smime.p7s Description: S/MIME cryptographic signature ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel