RE: [Zope-dev] RE: Resolved security-related collector issues for the public?

2004-01-22 Thread Brian Lloyd
Brian Lloyd wrote: As the person who unfailingly gets flamed no matter which way the decision leans :), I think we are probably at a point where we should have an official, documented and community-agreed-to policy on how these kinds of things will be handled. My intent was not

Re: [Zope-dev] RE: Resolved security-related collector issues for the public?

2004-01-22 Thread Richard Waid
Brian Lloyd wrote: ...or will decide that doing so is unreasonable and use something else instead :( Note that I'm not necessarily criticizing that particular policy, just pointing out that _any_ policy will have some upside and some downside. The challenge will be coming to agreement on a

Re: [Zope-dev] RE: Resolved security-related collector issues for the public?

2004-01-22 Thread Paul Winkler
On Fri, Jan 23, 2004 at 09:45:43AM +1300, Richard Waid wrote: Brian Lloyd wrote: ...or will decide that doing so is unreasonable and use something else instead :( Note that I'm not necessarily criticizing that particular policy, just pointing out that _any_ policy will have some upside

Re: [Zope-dev] RE: Resolved security-related collector issues for the public?

2004-01-22 Thread Richard Waid
Paul Winkler wrote: On Fri, Jan 23, 2004 at 09:45:43AM +1300, Richard Waid wrote: How about something along the lines of:
- Development team only disclosure for the first x days (2 to 7 days is the maximum here I would think), in order to develop a workaround/patch.
- Full disclosure after