|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Predisclosure-applications] Xen pre-disclosure list membership application
Dear David, thank you for the application and apologies for the delay in responding. > On 22 Feb 2016, at 21:02, David M. Syzdek <david.syzdek@xxxxxxxxxxxxx> wrote: > > Xen Security Team, > > I am writing to request my company be added to the Xen pre-disclosure list. I > have included the information required by the policy published at > http://www.xenproject.org/security-policy.html. > > > Name of Organization: Alaska Communications Systems, Inc > Name of Department: IP Engineering > Pre-disclosure E-mail Alias: ip.security@xxxxxxxxxxxxxxxxxxx > > Description: > Alaska Communications Systems, Inc is a telecommunications company > serving the residents of Alaska. Our network serves between over half of our > state’s residents, business, and government organizations either directly or > indirectly. Our network support systems such as RADIUS/TACACS authentication, > subscriber provisioning directory, caching recursive DNS servers, customer > portals, customer web hosting, and monitoring solutions are built upon Xen > guests which in turn run on Xen hypervisors using an internally maintained > Xen package for Slackware Linux. > > Services running under Xen: > LDAP - Subscriber Provisioning and Internal NIS > HTTP/HTTPS/FTP - Subscriber web hosting > RADIUS - Subscriber Authentication/Accounting > RADIUS/TACACS - Network device AAA > Network Monitoring/Performance Tools > Internal UNIX support systems Please can you clarify under which classification you are applying, from the list in the policy[0]: * Public hosting providers; * Large-scale organisational users of Xen; * Vendors of Xen-based systems; * Distributors of operating systems with Xen support. We think this means you are applying in the following category * Large-scale organisational users of Xen; Could you please double check the section named "Pre-disclosure list" in [0] and confirm our assumption, or otherwise let us know which category you are applying under. In the case that you apply as a large-scale user, we would also need some information regarding the number of hosts and VMs that you are running, to check whether you qualify. > Evidence of your status as a user/distributor of Xen: > This is our first public disclosure of our internal use of the > Xen Hypervisor, as such we do not have existing public web pages detailing > our use of Xen. Our policy[0] states that we must consider evidence on your usage of Xen on your public web pages. The intention of the web pages is to make it easy for us to verify that you are indeed using Xen. Unfortunately, we cannot currently verify that this is the case. We would appreciate, if you could make a suggestion on how we would do this. Best Regards Lars. [0] http://www.xenproject.org/security-policy.html _______________________________________________ Predisclosure-applications mailing list Predisclosure-applications@xxxxxxxxxxxxxxxxxxxx http://lists.xenproject.org/cgi-bin/mailman/listinfo/predisclosure-applications |
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |