FST post in Fedora Magazine [DRAFT]
Eric Christensen
sparks at fedoraproject.org
Wed Sep 16 15:05:43 UTC 2015
On Wednesday, September 16, 2015 10:59:04 AM David Cafaro wrote:
> The security-team list should be for all public issues. The security@
> address is for embargoed or new bugs (that may end up being embargoed
> depending on how the security@ list members handle it).
I think this is a confusion point...
We actually have three lists:
security@, security-team@, and security-private at . I believe the first was
setup to answer questions from the community, the second was setup as a
discussion area between team members, while the third was setup for what,
exactly, I don't know exactly (I can speculate).
I wouldn't use the first two to discuss embargoed items and I'm not sure I'd
use security-private either. It depends on how we extend the trust of
knowledge of embargoed items and I'm not the one to talk to about that.
--Eric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.fedoraproject.org/pipermail/security-team/attachments/20150916/82424008/attachment.sig>
More information about the security-team
mailing list