It sounds like there is already a "closed" forum for discussing security, CC'ing all who might be interested. Making it a list just makes lives easier for all involved, and the whole thread is not lost and always exclusive only to those CC'd. (If the messages are eventually forwarded to the dev list or archived).
People are saying that they are worried about something that is already going on, in a slightly different form. As long as the committers are responsible with this other list, things should only be better. Maybe the automatic forward (with a delay) will serve to keep everybody responsible on into the future. How hard is that to set up?? Jeff Tulley ([EMAIL PROTECTED]) (801)861-5322 Novell, Inc., the leading provider of Net business solutions http://www.novell.com >>> [EMAIL PROTECTED] 10/17/02 8:14:59 AM >>> The nice thing about your current way of dicussing security issues (CC e-mail threads) is that it's a real pain in the butt. In other words, likely only to be used in the cases of necessity. -- To unsubscribe, e-mail: <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>