2001/08/15 : Elias Levy continues the full disclosure debate.Read more
2019/07/31 : Here is the Project Zero FAQ.
This artifact is part of the Google Project Zero Bundle.Read more
2003/01/22 : Stephen A. Shepherd published in SANS a paper which had a big influence on vulnerability disclosure discussion. He defines responsible disclosure and recalls the key events on vulnerability disclosure debate. Read more
2016/06/04 : Ari Schwartz and Rob Knake from the Belfer Center for Science and International Affairs publishes this discussion paper analysing the VEP (Vulnerability Equities Policy and rocess) and offering it some improvements. Read more
2018/05/14: Article on the EFAIL vulnerbilities concerning OpenPGP and S/MIME encrypted emailRead more
2006/02/10 : Here is the iDefense Press Release presenting their new Vulnerability Contributor Program (VCP).
This artifact is part of the iDefense Bundle. Read more
2001/09/07 : Kim Zetter explains how full disclosure debate starts again with the "Code Red's astonishing success".Read more
2002/02 : IETF Draft by Steve Christey from MITRE and Chris Wysopal :
"During the process of disclosure, many vendors, security researchers, and other parties follow a variety of unwritten or informal guidelines for how they interact and share information. Some parties may be unaware of...Read more