home of the madduck/ blog/
I was there

Philipp, thanks for the note. I was at the talk and it was then (though not due to Joey's talk) that I decided we need to do something about security in Debian. It just so happened that LinuxTag 2005 coincided with the bad media coverage we got on security.

I don't want to speak of (as of yet) unreal things, but one of the goals we want to achieve as soon as possible is take some of the burden away from Joey and expand the work of the secure testing team to cover unembargoed security issues in stable as well. And among the prime needs we identified was lack of a formal procedure and documentation, so this is stuff I want to work on, also in preparation of my upcoming FOSDEM talk.