Full Disclosure: Re: it's all about timing

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: it's all about timing

From: full-disclosure () lists netsys com (Georgi Guninski)
Date: Fri, 02 Aug 2002 15:53:01 +0300

Steven M. Christey wrote:


A number of people thought that the disclosure process draft placed
too much of an emphasis on using third parties.  That will be weakened
to a suggestion in the next version.


I disagree with 3.6.2 Reporter Responsibilities from the draft.
My concerns are at: http://www.guninski.com/rfcsec.html

I believe a lot of people won't like some RFC to forcefully put responsibilities 
on them.

Who benefits from keeping reporters quiet for as long as possible - only big 
corps who can't code in my opinion.

A recent study showed that a lot of professionals want information about 
vulnerabilities as soon as possible.

Georgi Guninski
http://www.guninski.com

By Date By Thread

Current thread:

Re: it's all about timing, (continued)
- Re: it's all about timing Sunil James (Aug 01)
- it's all about timing Timothy J.Miller (Aug 01)
- it's all about timing Alan Rouse (Aug 01)
- it's all about timing Rohny Jotton (Aug 01)
- Re: it's all about timing Steven M. Christey (Aug 01)
  - Re: it's all about timing Georgi Guninski (Aug 02)
- Re: it's all about timing Colin Stefani (Aug 01)
- it's all about timing Don (Aug 01)
- it's all about timing Dunbar, Gregory (Aug 01)
- it's all about timing Steven M. Christey (Aug 01)
- it's all about timing Steven M. Christey (Aug 01)