Preferential notice of new versions
jlewis at lewis.org
jlewis at lewis.org
Sun Feb 4 18:41:24 UTC 2001
On 4 Feb 2001, Sean Donelan wrote:
> It seems pretty clear if you don't pay, you receive exactly the same
> advisories you receive now. No more, no less, no sooner, no later.
>
> CERT has always told a few other groups about vulnerabilities prior to
> their public release of advisories (vendors, some affected parties, etc).
The odd thing is, I think Paul said past and future security notifications
have been and will be distributed via CERT (to non-bind-members). I could
be wrong, but I don't think I've ever gotten initial notification of a
BIND security problem from CERT. Heck...even this most recent one was
first publicized via nanog several days before the CERT notification.
Obviously, if the masses have to wait for CERT, we will be getting later
notification than in the past.
--
----------------------------------------------------------------------
Jon Lewis *jlewis at lewis.org*| I route
System Administrator | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list