>> Yes, please. In fact, I would just say shorten that to >> [EMAIL PROTECTED] instead of the overly-obscure >> [EMAIL PROTECTED] and just use [EMAIL PROTECTED] > > "security" means different things to different people.
I'm surprised no-one has yet mentioned http://www.wiretrip.net/rfp/policy.html . This is Rain Forest Puppy's Full Disclosure Policy, which has achieved a reputation in the security world as a fair summary of how reporters and maintainers should interact. "...the ORIGINATOR should address the ISSUE to: security-alert@[MAINTAINER] secure@[MAINTAINER] security@[MAINTAINER] support@[MAINTAINER] info@[MAINTAINER] regardless of their existence. Anyone who could be deemed as a 'MAINTAINER' is encouraged to populate at least some of the above email addresses." Of the above, I suggest we populate "[EMAIL PROTECTED]", because it's IMO the most sensible and appropriate of the five. Gerv