international standard

ISO/IEC 29147:2014

ISO/IEC 29147:2014
Guide for how to handle vulnerability reports (on ISO/IEC 29147:2014)
ISO/IEC 29147:2014

2014/02 : "ISO/IEC 29147:2014 gives guidelines for the disclosure of potential vulnerabilities in products and online services. It details the methods a vendor should use to address issues related to vulnerability disclosure." (see : https...Read more

Guide for how to handle vulnerability reports (on ISO/IEC 29147:2014)

2016/04/18 : Juha Saarinen writes on the document published by International Standards Organisation and International Electrotechnical Commission. This document "helps organisations handle responsible...Read more

Negociation as a drawback?

The authors make a bold statement:

If we've learned 3 important things about cryptography design in the last 20 years, at least 2 of them are that negotiation and compatibility

...Read more
What are the pros and cons of standardization?
The PGP Problem (Latacora blog post)
OpenPGP
Subscribe to international standard
Need help with PECE?
Join the PECE Slack channel