|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Predisclosure-applications] Predisclosure list application
Hi James, Thank you, your application is largely fine, we have just one issue: Please could you clarify the scope of your jump-admins@ alias. It is intended that predisclosures go to a small team dedicated to handling incoming security issues, rather than a large team of system administrators. We would prefer a dedicated security@ or some such. It doesn't affect your application but several members of the Xen security team found your http://www.jump.net.uk/contact page unclear, in particular "please open a ticket with us at support <at> , highly confidential reports can be sent to directors <at>.". Adding the specific domain or perhaps some alternative formatting for the hint towards the email address to use (e.g. some <tt> tags) might be beneficial. Thanks, Ian. On Wed, 2015-05-13 at 15:09 +0100, James A. T. Rice wrote: > Hi, > > I'm from Jump Networks Ltd, we offer VPS services using Xen to > customers as per http://www.jump.net.uk/vps , so believe we fit the > criteria for inclusion to the predisclosure list. Invitation to > report security issues to us is at http://www.jump.net.uk/contact . > Your policy and terms for inclusion onto the list has been read and > accepted. We'd like jump-admins@xxxxxxxxxxx to be added to the list. > > Thanks > James Rice > Director > Jump Networks Ltd > _______________________________________________ > Predisclosure-applications mailing list > Predisclosure-applications@xxxxxxxxxxxxxxxxxxxx > http://lists.xenproject.org/cgi-bin/mailman/listinfo/predisclosure-applications _______________________________________________ Predisclosure-applications mailing list Predisclosure-applications@xxxxxxxxxxxxxxxxxxxx http://lists.xenproject.org/cgi-bin/mailman/listinfo/predisclosure-applications
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |