Frank Hecker wrote: > However I believe the intent was that we (mozilla.org staff) would > encourage the security module owner, peers, and the security bug group > to consider issuing such vague warnings where appropriate, but would > not mandate as an absolute policy that this be done immediately upon > the security bug group becoming aware of the existence of a bug.
Would I be *allowed* to issue such warnings on my own, without havong to ask anybody, on a regular basis, to a Mozilla forum or to my own (Beonex) users? Your response to my proposal suggests that some reporters might object to a warning policy, so why wouldn't they object to a warning done by me?
