On 11/13/05, Jared Kuolt <[EMAIL PROTECTED]> wrote: > Perhaps we should have a turbogears-security mailing list, because > these things are bound to come up. It'd also be much nicer for those > that aren't tracking TG so closely.
Are you talking about a list for announcing security upgrades, or for reporting and discussing security issues amongst core developers? If the former, I think it's a good idea, although I would probably wrap that into a turbogears-announce list (moderated, with postings only by Kevin or the major developers). If the latter, I don't think there's a long enough list of developers to warrant a private security list--but a [EMAIL PROTECTED] dropbox might be a good idea for letting people report potential security issues privately. -- Tim Lesher <[EMAIL PROTECTED]>
