This would be great, and I am pretty sure I would support it. But also, what would it have done for xz? Can you point out the link between xz and what you offer here?
@Di4na hey Thomas, I think this has to be understood as a first step of a process to think about how to design public support for critical open source software in the future - which is the objective of the NGI Commons project..
@Di4na The thinking is that as many others argue, cybersecurity risks in OSS (such as the one made visible by the xz backdoor) show light on current maintenance issues in OSS, which require more public support - including funding.
@Di4na But we also need to preserve/strengthen the specific mode of governance that makes OSS potentially secure in the first place: distributed participation and rules of checks and balances etc. Bringing in the concept of the digital commons helps to imagine public funding without replacing what OSS currently is (not a State-led bureaucratic system).
@jankrewer I will respectfully say, that if you actually want a discussion about a Digital Commons where said ressource constrained maintainers are heard, an in person workshop in a different country during their workweek may be a bit problematic?
But it seems that is not on the nose enough for you?
@Di4na I'm not assuming anything about what you do or where you live, as I have no idea who you are :) but if you're knowledgeable about the subject, there will of course be plenty of other opportunities to contribute online, and I hope you'll find the time to share your thoughts.
Add comment