[linux-elitists] Security Vendor Cuts Ties With CERT

Don Marti dmarti@zgp.org
Wed Jan 29 09:50:53 PST 2003


begin Aaron Sherman quotation of Wed, Jan 29, 2003 at 09:50:05AM -0500:

> On Wed, 2003-01-29 at 06:32, James Morris wrote:
> 
> > IMHO, this violates an important trust relationship with the community,
> > and seems likely to lead to less reporting and coordination of security
> > issues.
> > 
> > I'm not sure how long CERT have been doing this, but there are other
> > organizations which also coordinate security issues and provide advance
> > information only to paying customers.
> 
> Wouldn't said security vendor's response be to announce everywhere,
> INCLUDING to CERT? Of course, if their concern is that CERT is charging
> for a service that they want to provide....

OK,  I'm looking at the RFPolicy document right now:
http://www.wiretrip.net/rfp/policy.html

and while I see entries for 

The ISSUE, The ORIGINATOR, and The MAINTAINER, I don't see any
entries for the POINTLESS MIDDLEMAN.  Why do we need CERT again?

-- 
Don Marti                  Even if we don't get DMCA reform, loudly
http://zgp.org/~dmarti     demanding DMCA reform is going to get the
dmarti@zgp.org             injustice of the DMCA in front of the next
KG6INA                     jury.  Make noise.  It counts.



More information about the linux-elitists mailing list