[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A Burning Issue



This issue comes up every so often.  In my opinion, it would be valuable
for Symbolics and their customers if customers had a more timely way of
distributing their own patches/hacks.  The SLUG library was one attempt
at doing that.  Unfortunately, we all are a little slow at making use of
it.  Getting all the paperwork done is what slows me down.

One of the issues I have been pursuing, somewhat behind the scenes, is to
get a second mailing list to deal with bugs and their patches.  One idea
(which I don't think will work) is to split the current SLUG list into
SLUG and SLUG-BUG.  (As I recall that didn't work too well for INFO-1100.)
Another idea was to get Symbolics to maintain a mailing list that users
could send bugs/patches to.  Then customers would be sending the info only to
Symbolics (under the terms of their license) and Symbolics would send it
on out to the customers (perhaps automatically).

So what are the problems with this second idea?  Well, if that mailing
list got all the mail to CUSTOMER-REPORTS, I'm told that we would be
inundated with lots of junk.  So we really need a second list.  (Besides
some people might be willing to send some reports to Symbolics but not
want to have them spread all over.)  Now what about Symbolics's
commitment to this list?  Well, they'd have to have someone compile the
list of subscribers and they might want to review the material before
sending it on to the customers.  That second point would probably be a
real drag.  If I were Symbolics, I'd consider letting all messages less
than, say, 10K characters go through without review.  I doubt a single
message of <10K would let too many trade secrets out.

As far as the security of these messages goes, there are several
solutions.  At one point I worked on a method of encrypting patches
according to the original source file.  Thus if you make a patch to
SYS:FOO;BAR.LISP.99, the text of that original file would be the basis
for the key for the encrypting.  Assuming the encrypting is reasonably
secure, that solves the problem of people getting the, say, Pascal sources
when they weren't entitled to them.  (And if it were secure enough,
Symbolics could consider letting us send the encrypted text out without
it going through them.)

If you like some of these ideas, please say so.  I feel there is a need
for some more timely way of distributing patches and customer patches.
(As an aside, Symbolics has no responsibility of any nature for
something that the customers wish to distribute.)  I suspect this will
always be most necessary just after a new major release (or release of
new hardware).  But I could be incorrect on how others feel about this.

PLEASE LET SYMBOLICS KNOW if you want something like this.  Unless you
speak up it probably won't happen.