Full Disclosure mailing list archives
it's all about timing
From: full-disclosure () lists netsys com (Steven M. Christey)
Date: Fri, 2 Aug 2002 01:15:19 -0400 (EDT)
On Wed, 31 Jul 2002, Eric N. Valor wrote:
RFPolicy always seemed reasonable to me.
Joey Kelly asked:
Got a URL for that?
http://www.wiretrip.net/rfp/policy.html RFPolicy is an excellent document, which much of the responsible disclosure draft is based on. However, it focuses on the researcher. The responsible disclosure draft also includes recommendations for vendors that would make it easier on researchers who want to follow RFPolicy. Where RFPolicy says "give the vendors X working days to respond," the RVDP has recommendations for researchers to give vendors X days, and complementary guidelines for vendors to respond within X days. (X = 5 for RFPolicy and X=7 for RVDP, as discussed in a previous email). - Steve
Current thread:
- it's all about timing, (continued)
- it's all about timing Alan Rouse (Aug 01)
- it's all about timing Rohny Jotton (Aug 01)
- Re: it's all about timing Steven M. Christey (Aug 01)
- Re: it's all about timing Georgi Guninski (Aug 02)
- Re: it's all about timing Colin Stefani (Aug 01)
- it's all about timing Don (Aug 01)
- it's all about timing Dunbar, Gregory (Aug 01)
- it's all about timing Steven M. Christey (Aug 01)
- it's all about timing Steven M. Christey (Aug 01)
- it's all about timing Kurt Seifried (Aug 02)
- it's all about timing Steven M. Christey (Aug 01)
- it's all about timing Evrim ULU (Aug 02)
- it's all about timing Juliao Duartenn (Aug 02)
- it's all about timing KF (Aug 05)
- it's all about timing ATD (Aug 05)
- it's all about timing ATD (Aug 05)
- it's all about timing KF (Aug 05)
- it's all about timing Evrim ULU (Aug 02)