Based on my general impressions in day-to-day operations for CVE (around
150 new vulns a week on average), maybe 40-60% of disclosures happen
without any apparent attempt at vendor coordination, another 10-20% with a
communication breakdown (including they didn't answer in 2 days), and
the rest
This is a workshop that may be of interest to subscribers of this mailing
list.
http://www.ieee-security.org/TC/SP2007/cfp-W2SP.html
Workshop Call for Position Papers
W2SP 2007: Web 2.0 Security and Privacy 2007
Sponsored by the