Site Navigation

Date:      Wed, 09 Apr 2014 08:57:28 -0500
From:      Karl Denninger <karl@denninger.net>
To:        freebsd-security@freebsd.org
Subject:   Re: Proposal
Message-ID:  <534551C8.6030004@denninger.net>
In-Reply-To: <86fvlm7hzj.fsf@nine.des.no>
References:  <CAA3htvtb%2ByZRApEqJ41ue%2B6jB5Y_Une96SYyJRwQXBmQfRZbtQ@mail.gmail.com> <86fvlm7hzj.fsf@nine.des.no>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[-- Attachment #1 --]

On 4/9/2014 8:25 AM, Dag-Erling Smørgrav wrote:
> Pawel Biernacki <pawel.biernacki@gmail.com> writes:
>> I understand that this is voluntary role and you have another (real
>> life) responsibilities that’s why I'd like to propose an idea of (at
>> least partially) paid position of Security Officer, because we all
>> need quick and efficient response in cases like that.
> Having a paid Security Officer would not have made any difference.
>
> DES
Agreed.

In this particular case FreeBSD's team responded very quickly once the 
threat was known and a resolution path was made available in a very 
expeditious fashion.

The real problem here is the depth of damage and the amount of work to 
rectify it, particularly for those who have certificates issued by 
someone else where **they** may have been compromised.  But this has 
nothing to do with FreeBSD.

-- 
-- Karl
karl@denninger.net



[-- Attachment #2 --]
0�	*�H��

��0�

10	+0�	*�H��


��O0�K0�3�

0
	*�H��


0��10	UUS10UFlorida10U	Niceville10U
Cuda Systems LLC10UCuda Systems LLC CA1/0-	*�H��

	
 customer-service@cudasystems.net0
130824190344Z
180823190344Z0[10	UUS10UFlorida10UKarl Denninger1!0	*�H��

	
karl@denninger.net0�"0
	*�H��



�0�
�
��b����i՞�]�����MN�Կ���aw�x�?�`�)'�Ҵ�cWg�R@
Bl��Wh+	�u}ApdC���FJV�й���~�FOL��}��EW�^��bچY��p3�K&��ׂ��(R�
��l�xڝ.x��z?�����6��&n�s��J���+1v�9v/�(kq�Īp[�v�jc�K%f�ϻe���?iq]z����������
��lyzF��O'�ppdX//��Lw(���3����������J���IA�*��S�#�����՟��H��[f|CGqJK�o��oy��.oE�����u�Ow$��/��섀$삻J���9b�����������|����AP~8�]D1������Y�I<"�"�"Y^��T�2�iQ�2����b��	yH���)��]�	Ƶ�0y$�_N6X���q�M�C �9�՘	����X�gώj��G�T�P"�#��n���ˋ"B�k��1

���0��0	U00	`�H
��B

�0U�0,	`�H
��B

OpenSSL Generated Certificate0U|8�������˴�d�[2�0U#0�]��Af�4U3�x��&^"408	`�H
��B
+)https://cudasystems.net:11443/revoked.crl0
	*�H��


�

gB���wH]����j�\�x�`(�&��g���W�3��2�"��Uf^�.��^Iϱ�
�k!�DQ��Ag{(�w������/��)\N��'[��oRW���@��C���HO���>��)X��r�TNɘ��!�u`��xt5(��=f\-l3��<����@C��6��mn��hv�#����#�����1Ń�b�H�͍���_N�q
a�ʷ?rk���$^�9�TI�a�!�k����h��,D���-ct��1�
0�

0��0��10	UUS10UFlorida10U	Niceville10U
Cuda Systems LLC10UCuda Systems LLC CA1/0-	*�H��

	
 customer-service@cudasystems.net
0	+��;0	*�H��

	1	*�H��


0	*�H��

	1
140409135728Z0#	*�H��

	1���JUF�R0VO��
2J�0l	*�H��

	1_0]0	`�H
e
*0	`�H
e
0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0��	+

�71��0��0��10	UUS10UFlorida10U	Niceville10U
Cuda Systems LLC10UCuda Systems LLC CA1/0-	*�H��

	
 customer-service@cudasystems.net
0��*�H��

	1�����0��10	UUS10UFlorida10U	Niceville10U
Cuda Systems LLC10UCuda Systems LLC CA1/0-	*�H��

	
 customer-service@cudasystems.net
0
	*�H��



�W�?@�@�9���ZDQ_��{�1��-1~ ���:F��ں��P0ϋXiJ�n=_Ԍ��k�`��M�byѧ>�Y�YM�oxx-��1t����`ϓ�O �4�1�{_,����$���"�MLn~&{-VUkz����h
�{�D}q�_rMo�nا���Rw
S<s��$��(��q+~SY�!�	+3��0�"���g7'��B���-݊_�]��>�Z����n��1^p-�f��3,WJ�yC'���������{`[~=�~	�
��:����-���}�����b�KRF	�$o��%�g6CU�|�@�mV���^_an�"��w�v)}�ly��V�P����CH�Ԍ����eol�Ri?��3�Mrǁ�r�zԪ]�+�,xZ�q	py�8��'?"=�1J26��}2�%�/���,L/�N����$O�S=���A4S�:����lB�8ڸ˜��i��򟂉�3�0���$�`������@Q�Yc���?�M�6����o�

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?534551C8.6030004>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact