FYI, posting to the board list this time. I mistakenly sent my previous emails to the wrong alias.
I am raising this issue because we are at a cross-roads with regards to deciding on how working groups will operate. The decisions we make will establish a precedent. Since having working groups is a new mechanism for the board, I would rather err on the side of caution. I would rather we have weak working groups with little authority to move forward, than working groups that have broad authority that can act more independently of the board. I believe the board should authorize any activity that requires the investment of resources from multiple organizations, or that will result in the production of a public work product. We may decide to change this in the future, but IMHO we should do so only once we better understand how WGs will work.
As for Harold’s question, I think two more things need to be done:
1) Any working group activity that requires the investment of implementation resources from multiple organizations, or that will result in the production of a public work product should be proposed to the board list with a quick summary of the project, who will be participating, and what the implications will be to the CVE community.
2) The board should discuss the project on the list and address any concerns raised before moving forward.
I don’t think we need to vote. A process that focuses on establishing rough consensus is enough in my view. This should help to ensure that a larger set of stakeholders are consulted before moving forward.
|Free forum by Nabble||Edit this page|