dan-bugtraqDILVISH.SPEED.NET

• Next message: Damien Miller: "Re: "The End of SSL and SSH?""
• Previous message: Perry E. Metzger: "Re: "The End of SSL and SSH?""
• Maybe reply: Dan Harkless: "Re: OpenBSD remote root"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jose Nazario <josebiocserver.BIOC.CWRU.Edu> writes:
> On Tue, 19 Dec 2000, Dan Harkless wrote:
>
> > This has been argued before, but many think that OpenBSD's policy of
> > not having a specific security announcement mailing list is rash and
> > is poor security policy. It's great to say that someone should "check
> > the webpage more often", but obviously not everyone can watch it every
> > instant.
>
> there is the list security-announceopenbsd.org which works fine. its how
> i first heard about the FPd problem. very low traffic.

Sorry, last time I checked out OpenBSD they didn't have such a list, and
rather forced you to actively check the web page, as the message I replied
to was suggesting. This list must be pretty new -- I just checked out all
four OpenBSD mailing list archive sites, and none of them have an archive of
it.

> i have said it before and i will say it again: you should be on every
> security list your vendor puts out. nearly every vendor has one. some are
> just busier than others.

Yup, agree completely. Hopefully this post will alert some people to the
fact that that list exists now.

----------------------------------------------------------------------
Dan Harkless | To prevent SPAM contamination, please
dan-bugtraqdilvish.speed.net | do not mention this private email
SpeedGate Communications, Inc. | address in Usenet posts. Thank you.

• Next message: Damien Miller: "Re: "The End of SSL and SSH?""
• Previous message: Perry E. Metzger: "Re: "The End of SSL and SSH?""
• Maybe reply: Dan Harkless: "Re: OpenBSD remote root"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]