GuidelinesDraft

Revision 3 as of 2008-02-18 12:12:56

Clear message

Brainstorm

keescook:

  • keep vulns private until fixed
  • people can be team members if they agree to abide by those guidelines

nxvl:

  • not to use dangerous tests, which tools to use
  • not to touch anything if you gain access
  • not to break anything

mra:

  • gpg sign something (guidelines)
  • register that you agreed to it (guidelines)

jdstrand:

  • gpg signed the contents of an email message
  • it's important from a mindset point of view, as well as potentially legal

andrea-bs:

  • gpg sign the content of the reports
  • discuss with other members before doing something dangerous