PRE-ANNOUNCEMENT: BIND-Members Forum
John Narron
zeek at cdsinet.net
Wed Jan 31 22:24:43 UTC 2001
>
> > > 2. Use of PGP (or possibly S/MIME) will be mandatory
> > For what?
>
> So sensitive information (such as the existence of a security bug) can be
> transmitted to members securely.
>
> > > 4. Members will sign strong nondisclosure agreements
> > About what, for crying out loud?!
>
> So ISC can be assured that the sensitive information is not released to the
> public.
>
Normally I lay dormant on this list looking for answers to my
problems that have already been resolved by others, so I figure
I'll throw my two cents in and go about my business.
Setting up this forum actually makes sense. Simply, its a way
to get information about vulnerabilities out to those who can
do something about it. Personally, I'd rather have a "closed"
group of those that know how to fix problems know about the
vulnerability before all the script/packet-kiddies get a hold
of it. I'd rather see a message saying "a flaw was found, here
a fix / workaround until a fix is made", then an alert saying
"a flaw has been found, but you're going to have to run on
vulnerable software until we can fix it - good luck".
And just checking my mail, Cricket Liu just said pretty much
what I did - so I guess I can't be too out of my mind :)
- john
John Narron - jnarron at cdsinet.net | "If I die tomorrow
Network Administration | I'll be alright because I believe
CDS/CDSinet, LLC http://www.cdsinet.net | That after we're gone
122 N. Lafayette, Marshall, MO 65340 | The spirit carries on."
fon: (660) 886 4045 fax: (660) 886 4065 | - Dream Theater
More information about the bind-users
mailing list