Sounds like a plan, Avi!
Ultimately, we probably want the maintenance policies to go like:
1. You have to become an approved developer before you can post updates for official, auto-installable packages. Otherwise, any random guy can post trojans to our repository!
2. We need to think about how to handle releases, so that 3.8 has its own set of auto-installable packages. A big step towards handling releases is having a way to designate sets of packages. As releases get closer and pass by, those designations need to become harder to update. Not just any developer should be able to flip a tag on and cause a change to a released set of packages.
3. We seriously need visible bug trackers for the packages, so that release managers have the input they need in assembling the package sets of #2.
#3 is dead easy. We just need to install a bug tracker that has a category for each package.
#2 is all we can address in the immediate term. My package universes toolkit addresses the problem directly -- in fact, we could implement #2 just by saying "package universes is official" -- but it's not a huge problem and it could be implemented in many other ways as well. Just watch out for who is making the decisions; developers should submit packages for inclusion, but some smaller group (possibly just a singular release manager) should give the final approval.
#1 relies on having some sort of membership process, something like Debian's "new maintainer process". Before that will work, we need to set up some sort of organization with bylaws, membership, and elections, i.e. something like Debian's constitution. ;)
A great first step is to get things packagized at all, though, and if Tweak has done it then we can just do what they did.
Lex