Another permission for our records:
Speaking of "records", what mechanism are we using to keep track of these?
Also, blanket-permission.txt is reasonably reliable, since ssh connections are secure. Email is less-so, since it can be spoofed. I hate to suggest this, but perhaps it would be best to ask those without CVS access to mail a signed note, just to be sure. I can't think of another mechanism that has legal verifiability. I'm going to have lunch with Boost's lawyer today, so I can ask him about it.
Uh, yes I know what you're getting at, I just don't want the bar set so high that no one replies. So far I've been forwarding to the list any permissions that have come back to myself or to boost-owner, and then adding the permissions to blanket-permission.txt. The problem we have is not everyone we need to contact has cvs access, or is even still subscribed to the list. We also don't do any more than look at someone email address, when accepting contributions to boost in the first place, do we? Of course maybe we should... John.