[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Predisclosure-applications] Inclusion in the Xen Security pre-disclosure list

On Mon, 2015-03-02 at 17:05 +0100, Bernard Grymonpon wrote:
> we would like to be included in the Xen pre-disclosure list. 

Thank you for your application.

The security policy[0] requires "Link(s) to current public web pages,
belonging to your organisation," for each piece of information.

Please could you point us to the page which describes how one can obtain
a quote from you.

With regards to "Your invitation to members of the public, who discover
security problems with your products/services, to report them in
confidence to you;" and "Specifically, the contact information (email
addresses or other contact instructions) which such a member of the
public should use." please can you point us to such a page. I'm afraid
that the policy requires this.

Please can you provide this information so that we may continue to
process your application.

Please could you also clarify the scope of your tech@ alias. It is
intended that predisclosures go to a small team dedicated to handling
incoming security issues, rather than a large team of system


[0] http://www.xenproject.org/security-policy.html

Predisclosure-applications mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.