On Fri, Jan 23, 2004 at 09:45:43AM +1300, Richard Waid wrote: > Brian Lloyd wrote: > >...or will decide that doing so is unreasonable and use something > >else instead :( Note that I'm not necessarily criticizing that > >particular policy, just pointing out that _any_ policy will have > >some upside and some downside. The challenge will be coming to > >agreement on a policy with the right balance that everyone can > >live with. > > How about something along the lines of: > > - Development team only disclosure for the first x days (2 to 7 days is > the maximum here I would think), in order to develop a workaround/patch. > > - Full disclosure after that, along with a published patch, hotfix or > workaround.
OK, but what if there is no patch, hotfix, or workaround ready after 2-7 days? Some of these bugs have taken much longer. -- Paul Winkler http://www.slinkp.com Look! Up in the sky! It's PSUEDO LIGHTNING FRED! (random hero from isometric.spaceninja.com) _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
