Bugtraq mailing list archives
Re: Vendor guidelines regarding security contacts
From: Ben Bucksch <news () bucksch org>
Date: Fri, 12 Jan 2007 05:25:39 +0100
Steven M. Christey wrote:
The US Department of Homeland Security's "Vulnerability Disclosure Framework" document here: http://www.dhs.gov/xlibrary/assets/vdwgreport.pdf
*cough* Full Disclosure Policy (RFPolicy) v2.0 http://www.wiretrip.net/rfp/policy.htmlThis basically means for vendors: Monitor security () example com, fix promptly, and communicate with reporter in all stages.
Ben
Current thread:
- Vendor guidelines regarding security contacts Steven M. Christey (Jan 08)
- Re: Vendor guidelines regarding security contacts security curmudgeon (Jan 08)
- Re: Vendor guidelines regarding security contacts Chris Wysopal (Jan 10)
- Re: Vendor guidelines regarding security contacts Ben Bucksch (Jan 12)
- Re: Vendor guidelines regarding security contacts Steven M. Christey (Jan 12)
- <Possible follow-ups>
- Re: Vendor guidelines regarding security contacts Juha-Matti Laurio (Jan 11)