KF wrote:
Steven M. Christey proposed the responsible disclosure lame draft and signed it.Blue Boar wrote:Georgi Guninski wrote:Recently when I notified some vendors about a vulnerability, I wrote something like a license agreement that the info should not be disclosed to m$, cert, mitre, sf and others.
What have you got against Mitre?
I have certainly seen some of the folks at Mitre go out of their way to get things documented properly and other things of that nature quite a few times. Steven M. Christey in particular...
I find it quite hipocritical to propose delaying of information, and at the same time mitre to get the 0days before they are released.
Georgi Guninski
http://www.guninski.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
