Hello Folks, The official email address for this list is `[email protected]'. Due to convention, there is an email alias for this list: [email protected], just as there is for hackers@ & freebsd-hackers@, arch@ & freebsd-arch@, and so on. The [email protected] alias has been the source of occassional problems. Several times in the past, postings have been made to that address under the assumption that address was directed to security response personnnel, and not a public mailing list. Of course, this was a reasonable assumption. Practically every vendor in the universe uses security@ for that purpose, largely because RFC 2142 strongly recommends it for that purpose. And sometimes one just makes a typo. It has not been too uncommon for people to forget the `-officer' part of `[email protected]'. (Yours truly has been guilty of this.) Mistaken early disclosure of a vulnerability can have consequences from the merely embarrasing to catastrophic. Therefore, I am proposing that `[email protected]' be re-routed to the Security Officer. I imagine this will have some significant impact: there must be many references to [email protected] as a public list out there. So, I thought I'd air the issue here before sending any request to postmaster@. Cheers, -- Jacques Vidrine / [email protected] / [email protected] / [email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"