While US law focused, you might take a look at the few guides by the EFF (Electronic Frontier Foundation).
http://www.eff.org/issues/coders/vulnerability-reporting-faq Cheers, --scm On Mon, Jun 15, 2009 at 2:14 PM, Giuseppe Fuggiano<giuseppe.fuggi...@gmail.com> wrote: > What are, if any, the legal and "ethical" things to do before someone > could publicly disclosure a given vulnerability? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
