[OPEN-ILS-DEV] Security team coordination

Jason Etheridge jason at esilibrary.com
Wed Dec 22 11:23:37 EST 2010


> One thing that we should discuss is a policy for the archives of the security mailing list.  I propose that the mailing list be publicly archived but under a one-year embargo.  This would allow communications to be transparent (ultimately) and provide an incentive to not let security issues sit fallow while allowing us to try to release fixes for major security issues before exploits are published.

+1

-- 
Jason Etheridge
 | VP, Tactical Development
 | Equinox Software, Inc. / Your Library's Guide to Open Source
 | phone:  1-877-OPEN-ILS (673-6457)
 | email:  jason at esilibrary.com
 | web:  http://www.esilibrary.com


More information about the Open-ils-dev mailing list