From owner-freebsd-security@FreeBSD.ORG Wed Apr 7 14:58:41 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6F7D016A4CE; Wed, 7 Apr 2004 14:58:41 -0700 (PDT) Received: from ns1.tiadon.com (SMTP.tiadon.com [69.27.132.161]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2FF4543D45; Wed, 7 Apr 2004 14:58:41 -0700 (PDT) (envelope-from kdk@daleco.biz) Received: from daleco.biz ([69.27.131.0]) by ns1.tiadon.com with Microsoft SMTPSVC(6.0.3790.0); Wed, 7 Apr 2004 16:58:44 -0500 Message-ID: <40747968.2030902@daleco.biz> Date: Wed, 07 Apr 2004 16:58:00 -0500 From: "Kevin D. Kinsey, DaleCo, S.P." User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040406 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Peter Pentchev References: <20040407154220.GA5651@madman.celabo.org> <20040407162628.GA942@straylight.m.ringlet.net> In-Reply-To: <20040407162628.GA942@straylight.m.ringlet.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 07 Apr 2004 21:58:44.0656 (UTC) FILETIME=[7EFC1B00:01C41CEB] cc: "Jacques A. Vidrine" cc: freebsd-security@freebsd.org Subject: Re: Changing `security@freebsd.org' alias X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Apr 2004 21:58:41 -0000 Peter Pentchev wrote: >On Wed, Apr 07, 2004 at 10:42:20AM -0500, Jacques A. Vidrine wrote: > > >>Hello Folks, >> >>The official email address for this list is >>`freebsd-security@freebsd.org'. Due to convention, there is an email >>alias for this list: security@freebsd.org, just as there is for >>hackers@ & freebsd-hackers@, arch@ & freebsd-arch@, and so on. >> >> >[snip] > > >>Mistaken early disclosure of a vulnerability can have consequences >>from the merely embarrasing to catastrophic. Therefore, I am >>proposing that `security@freebsd.org' be re-routed to the Security >>Officer. >> >> > >And before you get a flood of nay-sayers, here's a "Go for it!" from at >least one semi-lurker :) > >G'luck, >Peter > > Not a nay sayer, but probably worse, here. Build a better bikeshed: how difficult would it be to add an autoresponder that says something like: "Thanks for your email to the security team. We will act upon your information ASAP. In case you were attempting to contact the security <> mailing list at freebsd.org, please resend your mail to: ..." ?? Don't know that it's a need; thought it might save security-officer@ the trouble of either returning those mails manually or else Fw:'ing them to the real list .... It may not matter; this list is certainly much quieter than it used to be (with the possible exception of this post ;-) and therefore that may happen very little. A visual diff of the most recently posted items to freebsd-security shows little use, but the point is rather obvious.... Kevin Kinsey