Bug-reporting standards proposed to IETF

    Date22 Feb 2002
    1318
    Posted ByAnthony Pell
    Two computer security researchers have proposed rules to standardize the way security holes in software are reported and fixed. The pair, Steve Christey, lead information security engineer at Mitre Corp. in Bedford, Mass., and Chris Wysopal, director of research and development . . . Two computer security researchers have proposed rules to standardize the way security holes in software are reported and fixed. The pair, Steve Christey, lead information security engineer at Mitre Corp. in Bedford, Mass., and Chris Wysopal, director of research and development at digital security firm @Stake Inc. in Cambridge, Mass., have submitted a draft proposal outlining standards for vulnerability disclosures by software vendors and security researchers to the Internet Engineering Task Force (IETF), the Internet's main standards-setting body.

    The reason standards are needed, Christey said, is to codify the many unwritten rules known only to those in the security community, which governs disclosure of software security flaws. Standards for software vulnerabilities disclosure standards could be understood by the entire software industry, he said.

    LinuxSecurity Poll

    What is your favorite LinuxSecurity.com page/section?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    20
    radio
    [{"id":"73","title":"News","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"74","title":"Advisories ","votes":"5","type":"x","order":"2","pct":83.33,"resources":[]},{"id":"75","title":"HOWTOs","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"76","title":"Latest Features ","votes":"1","type":"x","order":"4","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.