Group Proposal, for discussion: Vulnerability Group

Volker Simonis volker.simonis at
Thu Oct 12 07:38:54 UTC 2017


what's the current status of this group/proposal?

Can you please at least post a final version of the "OPENJDK
cite (
is still marked as "Draft". I really want to get this agreement signed
by my employer but I'm currently stuck because it makes little sense
to sign a draft document.

Thank you and best regards,

On Tue, Sep 5, 2017 at 8:38 PM, Martijn Verburg
<martijnverburg at> wrote:
> Hi Mark,
> Apologies for the radio silence.  I was going to suggest edits de-emphasising
> Oracle's leadership / central role in this group, not because Oracle
> doesn't deserve to or have the right to lead, but more that I wanted to see
> the principles of shared vulnerability ownership (across all the vendors)
> front and center in the proposal.
> After a careful re-read of the doc I've realised that my impression was
> plain wrong and that the shared ownership is very much advocated.
> Thanks again for proposing this important group, it's really good to see!
> Cheers,
> Martijn
> On 24 August 2017 at 22:16, <mark.reinhold at> wrote:
>> 2017/8/24 10:33:41 -0700, martijnverburg at
>> > Totally applaud this idea!  I have some suggested wording changes that
>> > might be easiest to suggest as a diff or some sort of track changes on
>> the
>> > original text.  Do you have a preferred mechanism for that type of
>> feedback?
>> If you'd like to propose a patch, I've posted the Markdown source here:
>> - Mark

More information about the discuss mailing list