Nan:2011-02-01-lcc-comp.security.announce: Difference between revisions
From Usenet Big-8 Management Board
(Created page with "<pre> Path: uni-berlin.de!fu-berlin.de!news.glorb.com!news2.glorb.com!news-out.readnews.com!transit3.readnews.com!panix!nan.panix.com!robomod!not-for-mail From: board@big-8.org (...") |
No edit summary |
||
Line 1: | Line 1: | ||
<pre> | <pre> | ||
From: board@big-8.org (Big 8 Management Board) | From: board@big-8.org (Big 8 Management Board) | ||
Subject: RFD: comp.security.announce (remove) Last Call For Comments | Subject: RFD: comp.security.announce (remove) Last Call For Comments | ||
Date: Tue, 1 Feb 2011 23:49:14 EST | Date: Tue, 1 Feb 2011 23:49:14 EST | ||
Message-ID: <1jw101v.1hocf361hzjgffN%board@big-8.org> | Message-ID: <1jw101v.1hocf361hzjgffN%board@big-8.org> | ||
REQUEST FOR DISCUSSION (RFD) | REQUEST FOR DISCUSSION (RFD) |
Latest revision as of 14:02, 2 February 2011
From: board@big-8.org (Big 8 Management Board) Subject: RFD: comp.security.announce (remove) Last Call For Comments Date: Tue, 1 Feb 2011 23:49:14 EST Message-ID: <1jw101v.1hocf361hzjgffN%board@big-8.org> REQUEST FOR DISCUSSION (RFD) moderated group comp.security.announce This is the last call for comments (LCC) on the formal Request for Discussion (RFD) to remove moderated newsgroup comp.security.announce. RATIONALE: According to Google's archive there has been only one message posted to this group (on 28 July 2009) in the past three years. This group has no charter or archived FAQ. The latest "List of Big Eight Newsgroups" (15 December 2010) states that this group is for "Announcements from the CERT about security." The latest two such announcements were on 28 July 2009 and 29 December 2005. There have been numerous alerts about security vulnerabilities in 2010 posted on the US-CERT Web site (see below), none of which have been posted to comp.security.announce. A newsgroup message sent to comp.security.announce on 24 November 2010 did not appear posted on that group. A bounce was not possible because the From address was munged. Another message was sent on 28 November 2010 with a valid From address. That message too did not appear posted on the group. CERT is an organization within Carnegie Mellon University. E-mail to <cert@cert.org> -- the contact address indicated on the CERT Web site -- asking if comp.security.announce is still being used resulted in a reply from a Jeff Smith with a cert.org E-mail address. Smith's reply was: "David, we no longer post to newsgroups. Please check the US-CERT website for alternative ways of being alerted." US-CERT is an organization within the U.S. Department of Homeland Security. E-mail to <info@us-cert.gov>, <soc@us-cert.gov>, and <us-cert@us-cert.gov> -- addresses all indicated on the US-CERT Web site -- asking if comp.security.announce is still being used have resulted in no replies. The last such message was sent 28 October 2010. An E-mail message was sent to comp-security-announce@moderators.isc.org on 5 December 2010. Neither a bounce nor a reply were received. No replies to the 1st or 2nd RFD were posted to news.groups.proposals. NEWSGROUPS LINE: comp.security.announce Announcements from the CERT about security. (Moderated) DISTRIBUTION: news.announce.newgroups news.groups.proposals comp.security.announce comp.security.misc Folowup-To: news.groups.proposals CHARTER OF COMP.SECURITY.ANNOUNCE There is no charter archived at <ftp://ftp.isc.org/pub/usenet/news.announce.newgroups/comp/> for comp.security.announce. HISTORY OF THE GROUP: The earliest message posted to comp.security.announce found in Google's archive is dated 6 May 2000. For a number of years, messages about computer security vulnerabilities were posted when such vulnerabilities were discovered. Later, such messages were posted only after the vendors of the affected software or hardware released fixes. US-CERT now issues its messages via E-mail, RSS, and similar services to subscribers. Carnegie Mellon's CERT maintains a database, but I cannot locate a subscription service. PROPONENT: David E. Ross <david@rossde.com> PROCEDURE: Those who wish to comment on this request to remove this newsgroup should subscribe to news.groups.proposals and participate in the relevant threads in that newsgroup. To this end, the followup header of this RFD has been set to news.groups.proposals. In the course of the removal process three formal announcements will be posted (1st RFD, 2nd RFD, and LCC), each taking two weeks. At the end of the process the B8MB will vote on the issue. Available options for comp.security.announce are: - leave the group as it is - remove the group For more information on the removal process, please see http://www.big-8.org/wiki/Group_Removal_FAQ CHANGE HISTORY: 2010-10-26 E-mail messages sent to CERT and US-CERT 2010-10-27 Reply received from CERT (group no longer used) 2010-10-28 Additional E-mail messages sent to US-CERT 2010-11-24 Newsgroup message sent to comp.security.announce (munged reply address) 2010-11-28 Newsgroup message sent to comp.security.announce (valid reply address) 2010-12-05 E-mail message sent to comp-security-announce@moderators.isc.org 2011-01-02 1st RFD 2011-01-17 2nd RFD 2011-02-01 LCC