On 5 December 2015 at 14:01, Christian Rebischke <Chris.Rebischke@archlinux.org> wrote:
This mailinglist has a daily-business todo and was not designed for discussions. [...]
The list name however says "Discussion about security issues in Arch Linux and its packages". That being said, I understand what you mean and agree with it.
[...] This mailinglist's main task is to inform subscribers about newest vulnerabilities.
So, could perhaps the list be split into two: one list for security-related discussions and one---moderated or even "read-only"---strictly for security announcements? For example, FreeBSD has these: freebsd-security: Security issues [members-only posting] freebsd-security-notifications: Moderated Security Notifications [moderated, low volume] The rationale is probably obvious. On one hand, people indeed expect a list used for security announcements to be used _only_ for this. Some might, for example, have set filters that mark such messages as urgent, display nagging pop ups, etc. On the other hand, the plain old e-mail still has value as a media for discussions. For example, it's not very practical to digitally sign forum postings, and IRC is a wholly different type of communication that might not always be appropriate. Cheers, Luchesar P.S. Slightly off-topic: my sincerest gratitude to everyone behind the security announcements! You're doing a great job, and this is not just empty words.