2002/03/15 : Schneier published his monthly newsletter.
Schneier gives this time a summary of the vulnerabilitiy disclosure actual issues.
"The history of the vulnerability's discovery and publication is an interesting story, and illustrates the...Read more
Stephen Farrell's mail in response to ilf mail about OpenPGPRead more
2002/02 : IETF Draft by Steve Christey from MITRE and Chris Wysopal :
"During the process of disclosure, many vendors, security researchers, and other parties follow a variety of unwritten or informal guidelines for how they interact and share information. Some parties may be unaware of...Read more
2002/02/28 : Steven M. Bellovin and Randy Bush shows the utility of obscurity and open discussions on vulnerabilities. Read more
2002/07/12 : Michael Morgenstern and Tom Parker point to the failure of Christey and Wysopal's willingness to put in place common measures for responsible disclosure.
"Unfortunately, Steve Christey and Chris Wysopol's RFC of February...Read more
2002/03/11 : Rasch analyses Christey and Wysopal IETF Draft.
"The report articulates what many in the security industry have considered to be a reasonable method of reporting security vulnerabilities." (p.1)
This artifact is part of the...Read more