In response to Karsten's posting about Fedora Legacy, resources and Whitebox vendors, yes, and no (:
When Legacy started, IE when it was dropped in my lap for being a squeaky wheel, I was working for a "whitebox" vendor. Pogo Linux to be specific. Pogo was very motivated to make Legacy work given that the majority of its customer base was on a Red Hat Linux version. They supplied the project (me) with time, equipment, hosting, and communication to their customers about the project.
I've since lefty Pogo, but they still are very supportive of the project, but not so much in manpower anymore. I've been stuck in a place that I'd like more people to work on the project, but our infrastructure was in very poor shape (my fault). After Legacy got started, this Extras thing spawned and became the 400lb gorilla in the Fedora community. Who wants to work on ancient releases when you can do cool stuff for the current ones? But I'm very grateful of Extras because some VERY cool work has come of it. The mock / plague build system, the Fedora infrastructure team, the plethora of docs for contributing, the account infrastructure, and the packaging guidelines. These are all things that Legacy can make use of. We've been surpassed a long time ago infrastructure wise and manpower too. So what have I done about this?
Well, the obvious answer is I've started to move into Extras space (: Work is ongoing to integrate Legacy into the Extras build systems, CVS space, and in some way publish space. My goal is to be integrated shortly after FC6 launches and well before FC 5 goes into maint mode (when Legacy takes care of it). We already have a CVS system, the cvslegacy group in Fedora accounts, and soon we'll have plague /mock configs to use with in the Extras space. This should make it much easier for folks to contribute not just to Extras but to Legacy as well. Then I'd like to investigate some motivational tools, like free stuff when you've produced so many updates for Legacy releases, things like that. Karma points for your Fedora account, etc... One thing for sure, doing security related auditing and fixing looks really good on a resume if you're into that kind of thing. I'm hoping to remove the technical road blocks in the way of smart people contributing to an important project. If I make it easy, surely they'll come right?