Date: Wed, 7 Apr 2004 10:42:20 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: freebsd-security@FreeBSD.org Subject: Changing `security@freebsd.org' alias Message-ID: <20040407154220.GA5651@madman.celabo.org>
next in thread | raw e-mail | index | archive | help
Hello Folks, The official email address for this list is `freebsd-security@freebsd.org'. Due to convention, there is an email alias for this list: security@freebsd.org, just as there is for hackers@ & freebsd-hackers@, arch@ & freebsd-arch@, and so on. The security@freebsd.org alias has been the source of occassional problems. Several times in the past, postings have been made to that address under the assumption that address was directed to security response personnnel, and not a public mailing list. Of course, this was a reasonable assumption. Practically every vendor in the universe uses security@ for that purpose, largely because RFC 2142 strongly recommends it for that purpose. And sometimes one just makes a typo. It has not been too uncommon for people to forget the `-officer' part of `security-officer@freebsd.org'. (Yours truly has been guilty of this.) Mistaken early disclosure of a vulnerability can have consequences from the merely embarrasing to catastrophic. Therefore, I am proposing that `security@freebsd.org' be re-routed to the Security Officer. I imagine this will have some significant impact: there must be many references to security@freebsd.org as a public list out there. So, I thought I'd air the issue here before sending any request to postmaster@. Cheers, -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040407154220.GA5651>