On Thu, Jun 4, 2015 at 5:16 AM, Yegor Timoschenko <[email protected] > wrote:
> > [email protected] - private list for reporting severe > > vulnerabilities in OpenSSL or LibreSSL to the core LibreSSL team. > > > Why is the list private? > > It doesn't combine with full disclosure principle that OpenBSD has listed > on Security webpage: It's probably a requirement to get advanced notifications from the OpenSSL project. -Gene
