On Sun, Jan 15, 2006 at 10:48:23PM +0000, Steve Kemp wrote:
> That is a good idea.
I'm happy to hear you consider this a good idea. I actually
thought it would be a lot more controversial and spent a fair bit
of time thinking about the pros and cons. But let's give people
some more time to complain loudly about the idea :-)
> In the past I've used livejournal for that
> purpose, limiting access to a defined group of people and hoping
> they won't leak. (To date nobody has, but also to date nothing
> has been terribly severe or serious either.)
Yes, it would be illusionary to assume that messages will not
leak from such a list in some way. While there has been an ITP for
a mailing list manager that transparently handles encrypting to
gpg pubkeys of subscribers (#316128) which could be used, there has
been little progress since, and even with such a solution a
compromised host system could leak the mails.
It probably makes sense to just accept the risk and live with it.
Wait.. here's an idea: If we minimize the time between discovery
and disclosure - i.e. get bugs fixed quickly - the messages will be
of less value to a would-be attacker, so why don't we take that
sort of solution to the leak problem. :-) </only-half-joking>
> I think the practical nature of publishing things after the
> fact might be hard to manage. (Unless there is some magical
> mailing list software that does the job already, of course.)
I suppose we could archive the list in an mbox local to the
server and bounce (as in mutt <b>) messages to debian-audit or a
dedicated list when they should be disclosed. Or just publish
one mbox per bug with the complete discussions.
It's getting late and I should be reading Kracauer for tomorrow.
Looking forward to more discussion then..
cheers,
Max