HEADS UP Re: Changing `security@freebsd.org' alias
Jacques A. Vidrine
nectar at FreeBSD.org
Fri Apr 16 09:32:43 PDT 2004
Hello again,
The change discussed earlier has been made. Email to
<security at FreeBSD.org> now reaches the security team rather than any
public list.
If you find any references to <security at FreeBSD.org> as a public list,
please let me know. It appears that there were none on the web site
or handbook or FAQ, but there could be some I missed.
Cheers,
--
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
On Wed, Apr 07, 2004 at 10:42:20AM -0500, Jacques A. Vidrine wrote:
> Hello Folks,
>
> The official email address for this list is
> `freebsd-security at freebsd.org'. Due to convention, there is an email
> alias for this list: security at freebsd.org, just as there is for
> hackers@ & freebsd-hackers@, arch@ & freebsd-arch@, and so on.
>
> The security at freebsd.org alias has been the source of occassional
> problems. Several times in the past, postings have been made to that
> address under the assumption that address was directed to security
> response personnnel, and not a public mailing list. Of course, this
> was a reasonable assumption. Practically every vendor in the universe
> uses security@ for that purpose, largely because RFC 2142 strongly
> recommends it for that purpose.
>
> And sometimes one just makes a typo. It has not been
> too uncommon for people to forget the `-officer' part of
> `security-officer at freebsd.org'. (Yours truly has been guilty of
> this.)
>
> Mistaken early disclosure of a vulnerability can have consequences
> from the merely embarrasing to catastrophic. Therefore, I am
> proposing that `security at freebsd.org' be re-routed to the Security
> Officer.
>
> I imagine this will have some significant impact: there must be
> many references to security at freebsd.org as a public list out there.
> So, I thought I'd air the issue here before sending any request to
> postmaster at .
>
> Cheers,
> --
> Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>
More information about the freebsd-security
mailing list