[ntp:hackers] Anybody object to requiring AnsiC for building NTP?
paul at vix.com
Thu May 26 08:10:35 PDT 2005
> ..., I suggest that its time for a formal charter for NTP.ORG that addresses
> 3) Which brings us to that we need a formal statement how NTP.ORG
> through ISC is going to maintain its process, release model, and operations
> process, and not just in the Code Repository... We also need to understand
> how the Code to be audited, and how is each release being checkpointed and
> audited? What is it that ISC is guaranteeing by the use of the Code
> Repository? - Is ISC guaranteeing that the code remains unhacked or clean?
> If not then we may have a problem especially with ISC's using NTP as a
> source of income. In any event these are a easily resolved points and should
> be handled with some speed IMHO.
as a no-fee consultant to isc, harlan acts as the NTP Programme Manager here,
and as such, he will speak for isc in regards to these questions. of course,
i expect him to check with the rest of isc before committing the organization
or incurring possible liabilities, but harlan's been very good about that.
also of course, if dave tells isc that harlan has gone insane, we'll listen.
think of isc as offering mechanism but not having policy regarding ntp. our
only certainty is that the software license must continue to be BSD-like, not
proprietary or GPL or LGPL or anything else.
> Vixie and team at ISC should be able to help with some of this framework,
> as part of ISC's hosting critical projects for bux... and I and any
> number of other Certified Auditors, can provide an operations
> audit on an ongoing basis to satisfy the COBiT/ITIL/ISO17799 3rd party
> Walkthough Requirements.
we're here to help. if you need more from us than hosting, or more
paperwork than hiring harlan as a no-fee consultant, just ask.
More information about the hackers