'Responsible Disclosure' Draft Could Have Legal Muscle

'Responsible Disclosure' Draft Could Have Legal Muscle
Mark Rasch, 2002-03-11

A proposed Internet standard would dictate how researchers report and vendors close security vulnerabilities. Ignoring it could be risky for either side.

Expand all | Post comment

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-11
Michael Morgenstern

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-12
Coldman (1 replies)

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-13
Francisco Sáa Muñoz

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-12
Chris

Ha ha ha. The day an RFC has the weight of law...
I think the IETF is overstepping their bounds a bit here.
They can suggest a method, but to imply that it would
have the weight of law is pure folly.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/66/10957#10957

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-12
Michael Morgenstern

Not all RFCs are standards (see RFC 1796) 2002-03-13
Dwonis (1 replies)

Not all RFCs are standards (see RFC 1796) 2002-03-14
Hal

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-16
Keith

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-22
S.Ye

Grace Hopper and Liability 2002-03-22
J.R.

Some good points, but too legalistic. 2002-03-22
Anonymous