PRE-ANNOUNCEMENT: BIND-Members Forum

John Narron zeek at cdsinet.net
Wed Jan 31 22:24:43 UTC 2001


>
> > >       2. Use of PGP (or possibly S/MIME) will be mandatory
> >         For what?
>
> So sensitive information (such as the existence of a security bug) can be
> transmitted to members securely.
>
> > >       4. Members will sign strong nondisclosure agreements
> >         About what, for crying out loud?!
>
> So ISC can be assured that the sensitive information is not released to the
> public.
>

Normally I lay dormant on this list looking for answers to my
problems that have already been resolved by others, so I figure
I'll throw my two cents in and go about my business.

Setting up this forum actually makes sense.  Simply, its a way
to get information about vulnerabilities out to those who can
do something about it.  Personally, I'd rather have a "closed"
group of those that know how to fix problems know about the
vulnerability before all the script/packet-kiddies get a hold
of it.  I'd rather see a message saying "a flaw was found, here
a fix / workaround until a fix is made", then an alert saying
"a flaw has been found, but you're going to have to run on
vulnerable software until we can fix it - good luck".

And just checking my mail, Cricket Liu just said pretty much
what I did - so I guess I can't be too out of my mind :)

  - john

John Narron - jnarron at cdsinet.net        | "If I die tomorrow
Network Administration                   |    I'll be alright because I believe
CDS/CDSinet, LLC http://www.cdsinet.net  |  That after we're gone
122 N. Lafayette, Marshall, MO  65340    |    The spirit carries on."
fon: (660) 886 4045 fax: (660) 886 4065  |    - Dream Theater





More information about the bind-users mailing list