'Responsible Disclosure' Draft Could Have Legal Muscle

'Responsible Disclosure' Draft Could Have Legal Muscle
Mark Rasch, 2002-03-11

A proposed Internet standard would dictate how researchers report and vendors close security vulnerabilities. Ignoring it could be risky for either side.

Expand all | Post comment

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-11
Michael Morgenstern

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-12
Coldman (1 replies)

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-13
Francisco Sáa Muñoz

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-12
Chris

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-12
Michael Morgenstern

Not all RFCs are standards (see RFC 1796) 2002-03-13
Dwonis (1 replies)

Not all RFCs are standards (see RFC 1796) 2002-03-14
Hal

In fact this document CAN NEVER become a standard. It is clearly labeled at the top "Category: Best Current Practice".

Documents that are intended to become standards are labeled "Category: Standards Track".

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/66/11019#11019

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-16
Keith

'Responsible Disclosure' Draft Could Have Legal Muscle 2002-03-22
S.Ye

Grace Hopper and Liability 2002-03-22
J.R.

Some good points, but too legalistic. 2002-03-22
Anonymous