[quagga-dev 16537] Re: Security list changes (Transparency?)

[Martin Winter]

On 11 Jan 2017, at 22:34, Michael H Lambert wrote:


On 11 Jan 2017, at 10:05, Nick Hilliard  wrote:

Usually forks happen after a breakdown of confidence and/or trust in 
the
original project.  Without prejudice to whatever changes may have 
been
made to the secur...@quagga.net email address, it looks like there 
has

been a serious breakdown of communications.

It would be helpful if there were some public discussion about what's
happened, and why.  There are a lot of people who depend on the 
quagga

code base, and trust in community projects depends on transparency.


Forks can also happen when developers decide they want to "monetize" 
the code.  Yes, it's still open source, but if you want updates in 
timely fashion you'll need to subscribe to a maintenance plan.  I 
agree that the community needs to be kept in the loop.


The problem was really getting the name picked. It was way more
painful than expected. And a lot of the work was done while it was
still called Quagga - and that would have caused a really bad confusion
(and most likely upset Paul for the right reasons).

The rename in the code just got done last weekend (finally).

There are absolutely no plans to monetize the code. There might be 
always
commercial spins (i.e. any vendor who provides Quagga or the fork on 
their
box) and they may try this, but I’m not sure how legal this is under a 
GPL

license.
And Quagga and all it’s forks are locked to GPLv2 or later as it’s 
probably
impossible to ever contact all contributors and get them to agree to a 
license

change.

Some of the organizational structure behind is still in the discussion
phase at this time. We are trying to find a model where there is no 
single

entity able to take over or lock others out of it.

But some of the key differences is trying a different model where 
patches
submitted or pull requests get automatically integrated into a 
development

branch. Based on what was discussed last year for Quagga.

Anyway, no need to discuss this here in details. Donald posted the list
for the fork. Feel free to join and ask questions there. Just don’t 
expect

it all be ready yet.

- Martin

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16536] Re: NetDEF Transparency?

[Martin Winter]

On 12 Jan 2017, at 18:40, Paul Jakma wrote:


On Thu, 12 Jan 2017, Martin Winter wrote:

I can direct you to a tax person who can explain you who needs o be 
listed or not.


The money out covers only your salary and my contracting.


And your point? This is a IRS tax document with weird requirements on 
what to list or not. I
can’t make up things or report different for you. I have to follow the 
IRS guidelines (and

we use professional help for this, because it’s weird for me too)

You could have read my other email. OpenSourceRouting is a project by 
NetDEF. Nothing else. Not another company and you should know this.


I have no idea anymore what you are.


I’m a person who wants a good high-quality open source routing stack 
and works full-time on it.


I ask again: Are you and/or Alistair and/or David officers, employees 
or contractors for any other companies, or have been over last few 
years?


And I ask again, what has this to do with a simple request to give a 
quick announcement on changes

of a security list?
Action should all what matters.

I just asked for transparency to mention who got removed from the 
security list. I didn’t question the reasons. I just wanted to be 
the community aware of the changes. Very simple requests. That’s 
what I call transparency in the community.


Again, you have your fork. Why not go enjoy it?!

I'm happy to continue to talk to you about technical stuff on a 
constructive basis.


However, if you come here making insinuations, and continue to try 
stir up trouble in Quagga, as you've been doing for a long while then 
you won't get a warm welcome. I may have been a very naïve idiot in 
the past (and have made other mistakes, no doubt) about things, but I 
can learn.


So, again: Go enjoy your fork! If we have to fight, let's do it by 
competing on the code.


But note very carefully: I'm no longer as naïve. I've learned, and I 
will be keeping one ready in the chamber from now on, in case you come 
back with more games.


Read me clear: Go enjoy your fork.

 BTW, when I started contracting for NetDEF, I was told Alistair was 
seed
 funding it. What was the amount of that seed funding, and how much 
other

 sponsorship came in and when?


Look up the public records if you care about this. It’s all in 
there.


I note that's a non-answer.


It’s NOT relevant for this discussion and you are just side-tracking 
the whole discussion.


I let this stand like this and suggest to everyone read the archives 
of the list.


I note that I David has the off-list email, and I bet you do too.

OpenSourceRouting is a PROJECT of NetDEF. What part is not clear 
here? It’s not a company, it’s just a single project.


Again, the question was: What _other_ companies do you have?


None. Zero. Nada. Happy now? Can we get back to the main subject?

By forking, we accepted Quagga to be your project and we all accepted 
your

wish on not changing the structure.

I’m accepting your wish to withdraw from Quagga testing as well if 
this is

really is your wish.

- Martin


The rest on this email is really pointless for me to even respond.
Feel free to hate me (and NetDEF and everyone else who works on the 
fork).

Again, I didn’t come for a fight, just for a clarification.


I only asked for transparency. I didn’t want to fight. You seem to 
be interested in it.


Did I go to your project and start trolling with insinuations about 
transparency? No.


Hey, you havn't even got a public forum AFAIK. Where's my slack 
invite?


I’ve asked on details of the changes to made public by someone who 
knows (i.e. you, maybe others), so the community is aware who is 
still working on security issues.


Wah wah wah.

Go enjoy your fork Martin. Why are you even here?

That’s all. I mentioned that this wasn’t about me and there is no 
need to argue how I had to be kicked out because I work for such an 
evil non-profit and dare to work on more than one open source 
project.


I have 0 problems with:

1. For profits working on software.

2. Non-profits working on software, free or other wise.

3. Special status, tax-exempt non-profits working on free software.

4. People being sponsored or employed to work on software.

It's a free world, and that's how I like it, esp. for categories 1 and 
2. Category 3 is special though.


My question here is:

- You and David have involved yourself in Quagga under the mantle of
  '3', but have you got significant other business interests under 
some

  category that you've not disclosed to the community?

If you won't answer that "transparently" (the word of the week), then 
my strong advice to you, again, is:


  Go and enjoy your code, and stop messing around here!

You could have just responded that you made the decision to clean up 
the list because you felt that this and this and this person was no 
longer useful or wanted. This would have been helpful for the 
community (The Quagga Community which I still care about a lot)


Wah wah wah.

How many companies a

[quagga-dev 16535] Re: [PATCH] vty: Add Esc-? and ctrl-v , to allow '?' to be input (e.g for regex)

[Vincent JARDIN]

Le 12/01/2017 à 15:29, Paul Jakma a écrit :

From: Paul Jakma 

---
 lib/vty.c | 21 ++---
 1 file changed, 18 insertions(+), 3 deletions(-)

Paul,

please, can you add a proper log?, then it is a patch good to go.

Acked-by: vincent.jar...@6wind.com

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16534] Re: Security list changes (Transparency?)

[Martin Winter]

On 12 Jan 2017, at 18:47, Paul Jakma wrote:


On Thu, 12 Jan 2017, Martin Winter wrote:

similar to what was discussed last year (and blocked by Paul’s 
veto) for


Urg, you just can't help spin.

_EVERY MAINTAINER_ had a veto. Further, objections from the wider 
community were also usually honoured. *DAVID* vetoed stuff. *YOU* have 
objected to stuff and had it honoured. Even after David was suspended, 
his objections were still honoured.


Objection against something and a veto are different things. I do 
believe everyone should speak up if he thinks
something is the wrong way, but also accept to be overruled by a 
majority.
But then you made it clear that this isn’t a democracy or anything and 
this is your fork and it’s your

way or the highway.

I'm not claiming the model was perfect - it may have been past its 
sell by date.


Anyway, Why are you here Martin? What are you trying to achieve?


Because I care about Quagga and previously didn’t expect to withdraw 
my support and work for it.


So basically Transparency and Clarification:

1) Would be good for people to know that they can’t come to me anymore 
for Quagga Security Issues.
I think this is now clear, but there are others who got removed too. 
Would be good to know who is still

on the list so I can redirect questions.
(BTW: Email to list doesn’t work - it’s seems to all end up on 
waiting for a moderator approval. You should

fix this for a list to report security issues)

2) Clarification if you want anyone from NetDEF to stop providing any 
help on Quagga. I didn’t expect to
withdraw from it, but it sounds like this is your wish. Happy to comply 
and no screaming needed. A simple

email with a clarification would be all that’s needed.

- Martin Winter

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16533] Re: [PATCH v3] nhrpd: implement next hop resolution protocol

[Vincent JARDIN]

Le 12/01/2017 à 15:31, Timo Teräs a écrit :

This provides DMVPN support and integrates to strongSwan. Please read
README.nhrpd and README.kernel for more details.


I do like the value that NHRP brings for DMVPN support. Sorry, I did not 
review the code due to lack of time, but since it is quite independent 
code, I feel it brings lot of value to start with.


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16532] Fork of Quagga

[Donald Sharp]

All -

Since there have been questions on alias about the fork and if you are
interested in checking us out, we are working over here:

https://github.com/freerangerouting/frr

The email alias can be found:

https://lists.nox.tf/listinfo/frr

We have a public slack channel for realtime discussion:

freerangerouting.slack.com

Please unicast me or the frr alias with any questions you may have.

thanks!

donald

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16531] Re: Security list changes (Transparency?)

[Paul Jakma]

On Thu, 12 Jan 2017, Martin Winter wrote:


“suspended” vs “kicked off”

Interesting wording is all I can say.


Just for the record, the relevant bit from the email to David was:

 "I have therefore suspended you from the Quagga.net maintainers,
  pending a review of your position by the maintainers. "


From the end of my reply to his initial reply:


 "If we're to converge again, probably it'd be best at this stage if you
  explain what your view is of how maintainers should work with each
  other."

I guess "suspended" is another confusing word.

regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
The days are all empty and the nights are unreal.___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16529] [PATCH] vty: Add Esc-? and ctrl-v , to allow '?' to be input (e.g for regex)

[Paul Jakma]

From: Paul Jakma 

---
 lib/vty.c | 21 ++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/lib/vty.c b/lib/vty.c
index 7ba277f..2c5911a 100644
--- a/lib/vty.c
+++ b/lib/vty.c
@@ -1340,8 +1340,9 @@ vty_execute (struct vty *vty)
 
 #define CONTROL(X)  ((X) - '@')
 #define VTY_NORMAL 0
-#define VTY_PRE_ESCAPE 1
-#define VTY_ESCAPE 2
+#define VTY_PRE_ESCAPE 1  /* Esc seen */
+#define VTY_ESCAPE 2  /* ANSI terminal escape (Esc-[) seen */
+#define VTY_ESC_LITERAL 3 /* Escape next char as literal */
 
 /* Escape character command map. */
 static void
@@ -1469,7 +1470,14 @@ vty_read (struct thread *thread)
  vty_escape_map (buf[i], vty);
  continue;
}
-
+  
+  if (vty->escape == VTY_ESC_LITERAL)
+{
+  vty_self_insert (vty, buf[i]);
+  vty->escape = VTY_NORMAL;
+  continue;
+}
+  
   /* Pre-escape status. */
   if (vty->escape == VTY_PRE_ESCAPE)
{
@@ -1495,6 +1503,10 @@ vty_read (struct thread *thread)
  vty_backward_kill_word (vty);
  vty->escape = VTY_NORMAL;
  break;
+case '?':
+  vty_self_insert (vty, buf[i]);
+  vty->escape = VTY_NORMAL;
+  break;
default:
  vty->escape = VTY_NORMAL;
  break;
@@ -1541,6 +1553,9 @@ vty_read (struct thread *thread)
case CONTROL('U'):
  vty_kill_line_from_beginning (vty);
  break;
+case CONTROL('V'):
+  vty->escape = VTY_ESC_LITERAL;
+  break;
case CONTROL('W'):
  vty_backward_kill_word (vty);
  break;
-- 
2.7.4


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16527] [PATCH 2/3] HACKING: Add 'Objectives', 'Governance', and an initial 'Code of Conduct'

[Paul Jakma]

---
 HACKING.md | 110 +
 1 file changed, 110 insertions(+)

diff --git a/HACKING.md b/HACKING.md
index c898d96..0b96ce8 100644
--- a/HACKING.md
+++ b/HACKING.md
@@ -17,6 +17,116 @@ include-before:
 
 \newpage
 
+OBJECTIVES {#sec:goals}
+==
+
+The objectives of the Quagga project are to develop and implement high
+quality routing protocols and related software, maximising:
+
+* Free software:
+* Quagga is and will remain a copyleft, free software project
+* Some non-core parts may be available under compatible, permissive
+  licenses to facilitate code sharing, where contributors agree.
+* The test and integration orchestration infrastructure shall be free
+  software, developed similarly to the rest of Quagga. Proprietary
+  conformance suites may be among the test tools orchestrated.
+* Openness and transparency
+* The business of the project shall be conducted on its public email
+  lists, to the greatest extent possible.
+* The design of the software will be governed by open discussion on
+  the public email lists.
+* Participants shall endeavour to be transparent about their interests
+  in the project, and any associations likely to be relevant.
+* Ethical behaviour:
+* The licenses of all copyright holders will be respected, and the
+  project will err in their favour where there is reasonable doubt or
+  legal advice to that effect.
+* Participants will behave with respect for others, and in a manner that
+  builds and maintains the trust needed for productive collaboration.
+
+See also the Section on [CODE OF CONDUCT](#sec:codeconduct).
+
+Governance {#sec:governance}
+==
+
+The governance of Quagga is currently in flux.
+
+Quagga was forked from GNU Zebra by Paul Jakma, who holds the domain name. 
+Governance was soon devolved to a collective group, the maintainers. 
+
+Governance at this moment is again fully in the hands of Paul Jakma, to be
+recast.
+
+Holding of project assets
+-
+
+One or more mature, independent trustees, with technical and free software
+experience, will be appointed as the executor(s) for key assets of the
+project to ensure continuity, such as the domain name.
+
+Should a corporate vehicle ever be created to hold such assets it __must__:
+
+* Publish up to date accounts on a regular business.
+* Generally operate openly and transparently.
+* Have control distributed, with a significant degree of control held
+  independent of any contributors with business interests in the software.
+* Carry out no other business itself that may be seen to conflict or compete
+  with the business of others in the community.
+* Have all officers disclose all interests that could be
+  seen to have a bearing on the project, as far as is reasonable.
+
+It not clear at this time that the overheads and potential liabilities of
+such a vehicle would be appropriate for this project.  These principles
+should though still be applied, where possible, to any non-corporate body
+formed around the project.
+
+CODE OF CONDUCT {#sec:codeconduct}
+===
+
+Participants will treat each other with respect and integrity.  Participants
+will build and treasure the trust that is required for parties to
+successfully collaborate together on free software.  Particularly when those
+parties may have competing interests.  The following principles and
+guidelines should be followed to foster that trust:
+
+* Participants should be open about their goals, and their interests.
+- Business associations with other participants should be disclosed,
+  so far as is reasonable and where applicable. E.g., if there is voting
+  on matters, or in endorsements or objections to contributions.
+- Other associations and interests that may be relevant should be
+  disclosed, to the degree necessary to avoid any perception
+  by others of conflicts of interests or of deception.
+- Be open about your goals, so as to maximise the common understanding
+  and minimise any misunderstandings and disputes.
+* Design should be done in the open
+-  Do your design on list, ahead of significant implementation.  Avoid
+  "Surprise!" development where possible.
+- Where significant implementation work must be done behind closed
+  doors, accept that you may be asked to rework it, potentially from
+  scratch once you take it public.
+- Get "buy in" from others ahead of time, to avoid disappointment.
+* Interaction 
+- Feedback on design should be constructive, thoughtful and 
+  understanding.
+- Avoid personalising matters. Discuss the idea, the code, the abstract
+  subject and avoid unnecessary personal pronouns.
+- Avoid language that paints either party into a corner. Leave some room
+  for doubt. Ask questions, rather than make assertions, where possible.
+* Disputes should be resolv

[quagga-dev 16528] [PATCH 3/3] HACKING: Update useful URLs

[Paul Jakma]

---
 HACKING.md | 10 +-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/HACKING.md b/HACKING.md
index 0b96ce8..e7e4cd7 100644
--- a/HACKING.md
+++ b/HACKING.md
@@ -683,6 +683,14 @@ configuration for the appropriate Quagga.net repository.
 USEFUL URLs
 ===
 
-* David Lamparter  runs a patchwork instance at
+* The project homepage is at:
+
+  
+
+* Patchwork tracks patches emailed to the quagga-dev list at:
+
   
 
+* Bugs can be reported via Bugzilla at:
+
+  
-- 
2.7.4


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16526] [PATCH 1/3] HACKING: set a4paper by default

[Paul Jakma]

---
 HACKING.md | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/HACKING.md b/HACKING.md
index 3bd1eb3..c898d96 100644
--- a/HACKING.md
+++ b/HACKING.md
@@ -1,13 +1,11 @@
 ---
 title: Conventions for working on Quagga 
 papersize: a4paper
-geometry: scale=0.82
+geometry: a4paper,scale=0.82
 fontsize: 11pt
 toc: true
 date: \today
 include-before: 
-  \large This is a living document. 
-
   \large This is a living document describing the processes and guidelines
for working on Quagga. You *must* read Section
["REQUIRED READING"](#sec:required), before contributing to Quagga.
-- 
2.7.4


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16525] Re: [PATCH 0/5] NHRP implementation

[Paul Jakma]

On Thu, 12 Jan 2017, Timo Teras wrote:


Seems to be caused by the recent kernel commit:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fe8e0f074c77aa41aaa579345a9e675acbebfa9

It is known issue that some of the c-library and kernel header files 
conflict with each other. Slightly sad, that it's getting more 
overlap.


Ah, oh dear.

Fundamentally, it would be good to get lib/quagga.h to not include all 
known headers in the universe. This would allow to include quagga 
library headers in connection with kernel headers.


Agreed.

Beyond that, a larger cleanup of the exported APIs of header files. It'd 
be good to define a stable subset, and export it properly under a 
"quagga/" include namespace.



Probably the simples fix is to split the netlink.c in two parts. I can
send a v3 nhrpd commit, unless you prefer a follow up commit that fixes
it?


Whatever is easier for you. If you have a follow up and want to just 
send that, that's fine.


regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
Fear and loathing, my man, fear and loathing.
-- H.S. Thompson

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16524] Re: [PATCH 0/5] NHRP implementation

[Timo Teras]

On Thu, 12 Jan 2017 13:17:10 + (GMT)
Paul Jakma  wrote:

> There's a compile failure here somewhere:
> 
> make[2]: Entering directory '/home/paul/code/quagga/nhrpd'
>CC   zbuf.o
>CC   znl.o
>CC   resolver.o
>CC   linux.o
>CC   netlink.o
> In file included from /usr/include/linux/if_tunnel.h:6:0,
>   from netlink.c:17:
> /usr/include/linux/ip.h:85:8: error: redefinition of ‘struct iphdr’
>   struct iphdr {
>  ^
> In file included from netlink.c:12:0:
> /usr/include/netinet/ip.h:44:8: note: originally defined here
>   struct iphdr
>  ^
> Makefile:497: recipe for target 'netlink.o' failed
> 
> # rpm -q kernel-headers
> kernel-headers-4.8.15-200.fc24.x86_64

Seems to be caused by the recent kernel commit:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fe8e0f074c77aa41aaa579345a9e675acbebfa9

It is known issue that some of the c-library and kernel header files
conflict with each other. Slightly sad, that it's getting more overlap.

Fundamentally, it would be good to get lib/quagga.h to not include all
known headers in the universe. This would allow to include quagga
library headers in connection with kernel headers.

Probably the simples fix is to split the netlink.c in two parts. I can
send a v3 nhrpd commit, unless you prefer a follow up commit that fixes
it?

Thanks,
Timo


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16523] Re: NetDEF Transparency?

[Paul Jakma]

On Thu, 12 Jan 2017, Paul Jakma wrote:

I'm happy to continue to talk to you about technical stuff on a 
constructive basis.


I'm also happy for you and other FRRers to contribute to Quagga, if you 
stick to the technical stuff (I assume you won't - as you've got fixes 
for commits of mine that you've not sent on). E.g., stay out of 
community stuff.


regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
Yevtushenko has... an ego that can crack crystal at a distance of twenty feet.
-- John Cheever

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16522] Re: [PATCH 0/5] NHRP implementation

[Paul Jakma]

Hi Timo,

There's a compile failure here somewhere:

make[2]: Entering directory '/home/paul/code/quagga/nhrpd'
  CC   zbuf.o
  CC   znl.o
  CC   resolver.o
  CC   linux.o
  CC   netlink.o
In file included from /usr/include/linux/if_tunnel.h:6:0,
 from netlink.c:17:
/usr/include/linux/ip.h:85:8: error: redefinition of ‘struct iphdr’
 struct iphdr {
^
In file included from netlink.c:12:0:
/usr/include/netinet/ip.h:44:8: note: originally defined here
 struct iphdr
^
Makefile:497: recipe for target 'netlink.o' failed

# rpm -q kernel-headers
kernel-headers-4.8.15-200.fc24.x86_64

regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
Laugh and the world laughs with you, snore and you sleep alone.___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16521] Re: NetDEF Transparency?

[Paul Jakma]

On Thu, 12 Jan 2017, Paul Jakma wrote:


 I only asked for transparency. I didn’t want to fight. You seem to be
 interested in it.


Did I go to your project and start trolling with insinuations about 
transparency? No.


And I held fire in my first reply to you, and gave you a coded warning.

regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
Sorry about off-topic.  I thought I was posting to Usenet.

- William Park on linux-kernel___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16520] Re: Security list changes (Transparency?)

[Paul Jakma]

On Thu, 12 Jan 2017, Martin Winter wrote:


similar to what was discussed last year (and blocked by Paul’s veto) for


Urg, you just can't help spin.

_EVERY MAINTAINER_ had a veto. Further, objections from the wider 
community were also usually honoured. *DAVID* vetoed stuff. *YOU* have 
objected to stuff and had it honoured. Even after David was suspended, 
his objections were still honoured.


I'm not claiming the model was perfect - it may have been past its sell 
by date.


Anyway, Why are you here Martin? What are you trying to achieve?

regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
genlock, n.:
Why he stays in the bottle.___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16519] Re: Security list changes (Transparency?)

[Paul Jakma]

On Thu, 12 Jan 2017, Martin Winter wrote:


 1. Note: as of a few weeks ago, I am the executive maintainer of Quagga.
An interim measure hopefully, if there are enough people still
interested in Quagga.


Thanks for this note. This is what I call “transparency”. Not sure 
what “executive maintainer” means, but I assume something like “chief 
maintainer” with sole decision authority ?



Or did I get this wrong?


Exactly.

Quagga is an informal association. There is no corporate vehicle. There 
are no tax breaks. I have never claimed tax breaks on the small (but 
non-trivial at times, esp as a student) cost for some of the required 
infrastructure. There are no regulatory requirements for elevated 
transparency, compared to the rest of civil life.


_GO ENJOY YOUR FORK_.

Stop talking crap about others.

regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
Quod erat demonstrandum.
[Thus it is proven.  For those who wondered WTF QED means.]___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16518] Re: NetDEF Transparency?

[Paul Jakma]

On Thu, 12 Jan 2017, Martin Winter wrote:

I can direct you to a tax person who can explain you who needs o be 
listed or not.


The money out covers only your salary and my contracting.

You could have read my other email. OpenSourceRouting is a project by 
NetDEF. Nothing else. Not another company and you should know this.


I have no idea anymore what you are.

I ask again: Are you and/or Alistair and/or David officers, employees or 
contractors for any other companies, or have been over last few years?


I just asked for transparency to mention who got removed from the 
security list. I didn’t question the reasons. I just wanted to be the 
community aware of the changes. Very simple requests. That’s what I 
call transparency in the community.


Again, you have your fork. Why not go enjoy it?!

I'm happy to continue to talk to you about technical stuff on a 
constructive basis.


However, if you come here making insinuations, and continue to try stir 
up trouble in Quagga, as you've been doing for a long while then you 
won't get a warm welcome. I may have been a very naïve idiot in the past 
(and have made other mistakes, no doubt) about things, but I can learn.


So, again: Go enjoy your fork! If we have to fight, let's do it by 
competing on the code.


But note very carefully: I'm no longer as naïve. I've learned, and I 
will be keeping one ready in the chamber from now on, in case you come 
back with more games.


Read me clear: Go enjoy your fork.


 BTW, when I started contracting for NetDEF, I was told Alistair was seed
 funding it. What was the amount of that seed funding, and how much other
 sponsorship came in and when?



Look up the public records if you care about this. It’s all in there.


I note that's a non-answer.

I let this stand like this and suggest to everyone read the archives of the 
list.


I note that I David has the off-list email, and I bet you do too.

OpenSourceRouting is a PROJECT of NetDEF. What part is not clear here? It’s 
not a company, it’s just a single project.


Again, the question was: What _other_ companies do you have?

I only asked for transparency. I didn’t want to fight. You seem to be 
interested in it.


Did I go to your project and start trolling with insinuations about 
transparency? No.


Hey, you havn't even got a public forum AFAIK. Where's my slack invite?

I’ve asked on details of the changes to made public by someone who 
knows (i.e. you, maybe others), so the community is aware who is still 
working on security issues.


Wah wah wah.

Go enjoy your fork Martin. Why are you even here?

That’s all. I mentioned that this wasn’t about me and there is no need 
to argue how I had to be kicked out because I work for such an evil 
non-profit and dare to work on more than one open source project.


I have 0 problems with:

1. For profits working on software.

2. Non-profits working on software, free or other wise.

3. Special status, tax-exempt non-profits working on free software.

4. People being sponsored or employed to work on software.

It's a free world, and that's how I like it, esp. for categories 1 and 
2. Category 3 is special though.


My question here is:

- You and David have involved yourself in Quagga under the mantle of
  '3', but have you got significant other business interests under some
  category that you've not disclosed to the community?

If you won't answer that "transparently" (the word of the week), then my 
strong advice to you, again, is:


  Go and enjoy your code, and stop messing around here!

You could have just responded that you made the decision to clean up 
the list because you felt that this and this and this person was no 
longer useful or wanted. This would have been helpful for the 
community (The Quagga Community which I still care about a lot)


Wah wah wah.

How many companies are you an officer of? What is their status and 
purpose? Over the relevant period...


You're not going to answer that, so... Enjoy your fork! Happy to talk 
tech. Quagga governance is no longer your concern - and hasn't been for 
6 months at least.


regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
Mandrell: "You know what I think?"
Doctor:   "Ah, ah that's a catch question. With a brain your size you
  don't think, right?"
-- Dr. Who___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16517] Re: Security list changes (Transparency?)

[Martin Winter]

Nick,

sorry, forgot to answer the last part or your email about reason etc
on fork:

First of all, we haven’t announced it yet. We want to get it to “rc1”
quality first before making it public. And we had to get a name (which
was a painful slow process and we are still making sure this name isn’t
violating any trademarks etc).
Name is probably the more important as the github location will change
again if we have to rename again.

In general, the idea on the fork was to try a different model of developing
similar to what was discussed last year (and blocked by Paul’s veto) for
the Quagga community.

We hope to get a much faster turnaround of new features and fixes into the
code. There are several companies interested in Quagga, but see it as
abandoned because of the slow speed. We try to change this by automating
more, have more maintainers and simple processes on getting code into the
project.

But everyone is welcome to join.

- Martin

On 11 Jan 2017, at 22:05, Nick Hilliard wrote:

> Martin Winter wrote:
>> I don’t like to have this discussion in privacy - this isn’t about
>> me. Maybe I did something stupid or you (or community?) decided on
>> new rules for who should be on it. I think it would be beneficial to
>> everyone to have make it public on who is on the list and probably
>> why they are on the list (so it makes somehow the selection more
>> transparent.
>
> Martin,
>
> Quagga was forked recently: github.com/freerangerouting/frr
>
> The commit logs in FRR show a good deal of activity since the split, and
> the freerangerouting.com domain seems to have been registered by Netdef.
>
> Usually forks happen after a breakdown of confidence and/or trust in the
> original project.  Without prejudice to whatever changes may have been
> made to the secur...@quagga.net email address, it looks like there has
> been a serious breakdown of communications.
>
> It would be helpful if there were some public discussion about what's
> happened, and why.  There are a lot of people who depend on the quagga
> code base, and trust in community projects depends on transparency.
>
> Nick

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16516] Re: Security list changes (Transparency?)

[Martin Winter]

On 12 Jan 2017, at 14:47, Paul Jakma wrote:


On Thu, 12 Jan 2017, Martin Winter wrote:

as competition or any rule that I wasn’t supposed to work on 2 
projects

at the same time.


To be clear, I tried my best to reconcile. Even after it was made 
clear you were forking, I would probably have been grudgingly OK.


But, NetDEF (or... which company and what kind?) went behind my back 
to get contact details for my manager, and talk to him. Just to find 
out if my employer thinks and if it would sponsor the fork - nothing 
else, _of course_.


Maybe I'm just overly touchy, but I found that a bit low. I couldn't 
even open my Quagga mail folder for a while after that.


(That was begin Nov).


So that was the reason? Do you think we should have NOT contacted HP 
because you work there? Or have contacted you

instead?

I assume a company might appreciate such a heads-up for their own 
planning. Maybe not like it, but better to

be informed and able to plan about it.

- Martin

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16515] Re: Security list changes (Transparency?)

[Martin Winter]

On 12 Jan 2017, at 14:33, Paul Jakma wrote:


On Thu, 12 Jan 2017, Martin Winter wrote:


1.5 years? I must have missed 1 year of this.


David was __suspended__ from Quagga in May '15. A majority of the 
other maintainers had serious concerns about some acts. He was asked 
to explain a series of unilateral actions he'd taken, either against 
the settled view of the maintainers or where it was obvious he was 
acting against. Including his having *unilaterally* removed another 
maintainer.


Only 1 maintainer has ever been kicked out of Quagga, while it was 
running under a collective maintainer model anyway[1]. And it was 
_not_ David.


“suspended” vs “kicked off”

Interesting wording is all I can say.

He gave an initial response, and we waited for a full response. 
And.,.. nothing. He just went away. However, after some weeks, I heard 
NetDEF were pitching around for a fork.


This was discussed over weeks before. No need to bring it all back. 
Everyone interested, look at archive and build

your own opinion.

So that's June / July '15 to date. I make that 1.5 years ago. But I 
have struggled with a shared understanding of basic terms with others 
in NetDEF before (e.g. "consensus"), so maybe my notion of calendars 
is wrong too.


People asked me (and others) about forking Quagga since I got involved 
(short term back compared to you - only 2011)
That doesn’t mean that there were plans for it. I wanted to avoid it 
and we tried to the best of our abilities to

avoid it.
But last summer it became clear that it was unavoidable to get faster 
progress.


1. Note: as of a few weeks ago, I am the executive maintainer of 
Quagga.

   An interim measure hopefully, if there are enough people still
   interested in Quagga.


Thanks for this note. This is what I call “transparency”. Not sure 
what “executive maintainer”
means, but I assume something like “chief maintainer” with sole 
decision authority ?


Or did I get this wrong?

- Martin

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16514] Re: Security list changes (Transparency?)

[Martin Winter]

On 12 Jan 2017, at 14:11, Paul Jakma wrote:


On Thu, 12 Jan 2017, Martin Winter wrote:

Full disclosure: I helped the OpenBGPd folks in the past as well with 
testing infrastructure. So I might be a repeated “offender” if 
this is a crime.


Testing other open-source routing is great.

Funnily enough, I met one of the OpenBGPd guys at the UKNOF in Glasgow 
recently. We discussed testing and he mentioned the difficulties of 
that. I mentioned your testing work to him, that he should get in 
touch with you. He said he had, and that he'd been told that wasn't 
possible without money.


Partially correct. I offered them access to our infrastructure to do 
their own testing with some of our tools.
I cannot use funding dedicated for specific work and use it to test 
their project. So I offered the best I could

do without much of my time.
They used some of our infrastructure to do some testing. Not sure how 
much…


I would love to help them more testing, but I need someone paying for 
the time to be able to afford this and so

far I’m unable to do this.

- Martin

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16513] Re: NetDEF Transparency?

[Martin Winter]

On 12 Jan 2017, at 14:05, Paul Jakma wrote:


On Thu, 12 Jan 2017, Martin Winter wrote:


Sorry, if this broke. I didn’t see any mistake.


Like meeting with 3rd parties and making agreements to include code, 
without involving anyone else in Quagga?


Huh? Please remind me where we did this? We made agreements on helping 
to develop code and committed to
make the code public - up to submit it to the quagga community, but we 
very VERY clear that the decision
to include is not us. The best we could offer is to get a good quality 
of the code to increase the chance.


We NEVER promised to get anything included into Quagga as part of our 
work.



David works for NetDEF/OpenSourceRouting. Was that ever a question?


He's not listed in your 990 filings for NetDEF:

https://projects.propublica.org/nonprofits/organizations/462124970

(I have the invoices that correspond to the contracting fees in '14; I 
also invoiced you for about £6k GBP in the first part of '15 - which 
is more than the contracting amount listed for '15, though maybe 
half-ish of the difference of the total salaries and the listed 
salaries).


I can direct you to a tax person who can explain you who needs o be 
listed or not. There are very specific requirements
on who to list or not to list. Not every employee is listed on this 
form.
Go read up on instructions for this form. Or talk to a US Tax consultant 
which knows how to deal with non-profits.


But this is completely irrelevant for this discussion.

So what is "OpenSourceRouting"? Is OpenSourceRouting a "project" of 
NetDEF, or is it another company? You and the others go to a lot of 
conferences, so ye can talk to lots of people, who pays for that?


You could have read my other email. OpenSourceRouting is a project by 
NetDEF. Nothing else. Not another company and

you should know this.


You have argued for transparency. Let's be transparent.


I just asked for transparency to mention who got removed from the 
security list. I didn’t question the

reasons. I just wanted to be the community aware of the changes.
Very simple requests. That’s what I call transparency in the 
community.


BTW, when I started contracting for NetDEF, I was told Alistair was 
seed funding it. What was the amount of that seed funding, and how 
much other sponsorship came in and when?


Note: I low-balled my contracting rates on the basis I was working for 
a public-good 501(c)(3), that was still on private seed funding and 
didn't have corporate sponsorship yet. I was a student writing up, 
past my funding, and I needed part-time work to make ends meet. I 
stopped talking to another commercial body, cause I believed in what 
NetDEF was pitched to me as.


Look up the public records if you care about this. It’s all in there.
But I don’t see this relevant on the discussion on transparency of the 
changes to the Quagga community.



And yes, he got kicked out by you


That is an untruth.


I let this stand like this and suggest to everyone read the archives of 
the list.

No point to respond here. And not relevant to this discussion.

Not sure how this is relevant or even a secret. NetDEF (and 
OpenSourceRouting is a project of NetDEF) is the answer to all of 
this. Never tried to hide this and not sure where the confusion is?


So, who is OpenSourceRouting then? Is that a 501(c)(3) too?


OpenSourceRouting is a PROJECT of NetDEF. What part is not clear here? 
It’s not a company, it’s just a single project.


When I started with NetDEF, I was surprised to learn ye already had a 
good bit of ongoing work. Was that NetDEF, or OpenSourceRouting, or ??


BTW: For full transparency, would be still good to announce changes 
like this to the list.


Yes, full transparency, /me claps. Can we?

If you don't want a fight, don't come here and pick one.


I only asked for transparency. I didn’t want to fight. You seem to be 
interested in it.


I’ve asked on details of the changes to made public by someone who 
knows (i.e. you, maybe others),

so the community is aware who is still working on security issues.

That’s all. I mentioned that this wasn’t about me and there is no 
need to argue how I had to be kicked
out because I work for such an evil non-profit and dare to work on more 
than one open source project.


You could have just responded that you made the decision to clean up the 
list because you felt that

this and this and this person was no longer useful or wanted.
This would have been helpful for the community (The Quagga Community 
which I still care about a lot)


Regards,
   Martin Winter

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 16512] Re: Security list changes (Transparency?)

[Paul Jakma]

On Thu, 12 Jan 2017, Paul Jakma wrote:


On Thu, 12 Jan 2017, Martin Winter wrote:


 as competition or any rule that I wasn’t supposed to work on 2 projects
 at the same time.


To be clear, I tried my best to reconcile. Even after it was made clear you 
were forking, I would probably have been grudgingly OK.


But, NetDEF (or... which company and what kind?) went behind my back to get 
contact details for my manager, and talk to him. Just to find out if my 
employer thinks and if it would sponsor the fork - nothing else, _of course_.


Maybe I'm just overly touchy, but I found that a bit low. I couldn't even 
open my Quagga mail folder for a while after that.


(That was begin Nov).


Oh, and I discovered the 990s the last couple of weeks over the 
Christmas break (idle time).


regards,
--
Paul Jakma | p...@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
  Gentlemen, I want you to know that I am not always right, but I am
  never wrong. -Samuel Goldwyn___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev