Hey Jarret, Thanks for fixing the draft. Two minor remarks:
"Security notification email address ([email protected])" Do we really need this, in addition to the "security issue" flag in LP and the private individual addresses ? I'm not sure either way... On one hand, one more medium to watch, on the other, security@ is common practice... Would it just be autoforwarded to private list ? "vulnerability discussion & classification (MSA/CVE)" MSA are Mozilla Security Advisories, I doubt we would issue those :) Maybe "OSA" ? Cheers, -- Thierry Carrez (ttx) Release Manager, OpenStack _______________________________________________ Mailing list: https://launchpad.net/~openstack-poc Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack-poc More help : https://help.launchpad.net/ListHelp
