Fwd: Paying Tomasz Wasilczyk for security improvements

[Mark Doliner]

---------- Forwarded message ----------
From: Tomasz Wasilczyk <tomkiewicz.groups at gmail.com>
Date: Thu, Feb 21, 2013 at 1:49 PM
Subject: Re: Paying Tomasz Wasilczyk for security improvements
To: Mark Doliner <mark at kingant.net>


Hi Mark,

thanks for CC-ing me. I would like to comment on some stuff, so please
forward this message to the list.

We (that means, me and few people from Google) tried to set up some
way to hire me to work on topic mentioned before. Unfortunately, it
turned out to be *really* complicated to do it straightway - huge
companies have its weird rules and procedures. They got the idea to
push it through IMF, as donations are more common and well defined in
their set of rules.

> I don't see why Google would use a credit card to make this donation.
> Why not an electronic funds transfer to the IMF checking account (no fees)
> or a physical check in the mail ($0.46 plus a fraction of a cent for a check)?

I think PayPal is just the easiest way to send funds internationally.

We didn't set (yet?) rigid requirements, I've only got a list of loose
tasks to comment on. A lion's share of discussion was about troubles
with setting any possible contract. However, I would prefer to see
some sort of soft/hard requirements when working on this. I would like
to emphasize, that the work isn't a simple do-some-tasks-and-forget,
it's rather a long-time allocation to care about security issues that
hurts Google. Also, it wasn't said, if tasks to do will be provided
only from Google, or both Google and IMF/Pidgin crew (merging master
password branch, for example, sounds interesting and useful).

Tomek