[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NSP-SEC

Subject: NSP-SEC
From: adam at adamstas.com (Adam Stasiniewicz)
Date: Fri, 19 Mar 2010 10:08:55 -0500
In-reply-to: <[email protected]>
References: <[email protected]>

IMHO, I think you have it backwards.  I see strategic discussions (like
new crypto algorithms, technologies, initiatives, etc) should be open to
public debate, review, and scrutiny.  But operational/tactical discussions
(like new malware, software exploits, virus infected hosts, botnets, etc)
don't need public review.  Rather, those types of communications should be
streamlined that would allow for quick resolution.

-----Original Message-----
From: David Barak [mailto:thegameiam at yahoo.com]
Sent: Friday, March 19, 2010 8:55 AM
To: nenolod at systeminplace.net; jtk at cymru.com
Cc: nanog at nanog.org
Subject: Re: NSP-SEC

Total transparency in security matters works about as well as it would for
law enforcement: fine for tactical concerns, but not so great for
long-term strategic concerns.

-David Barak

On Fri Mar 19th, 2010 9:44 AM EDT William Pitcock wrote:

>On Fri, 2010-03-19 at 08:31 -0500, John Kristoff wrote:
>> An ongoing area of work is to build better closed,
>> trusted communities without leaks.
>
>Have you ever considered that public transparency might not be a bad
>thing?  This seems to be the plight of many security people, that they
>have to be 100% secretive in everything they do, which is total
>bullshit.
>
>Just saying.
>
>William
>
>

Follow-Ups:
- NSP-SEC
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- NSP-SEC
  - From: thegameiam at yahoo.com (David Barak)

References:
- NSP-SEC
  - From: thegameiam at yahoo.com (David Barak)

Prev by Date: Using private APNIC range in US
Next by Date: NSP-SEC
Previous by thread: NSP-SEC
Next by thread: NSP-SEC
Index(es):
- Date
- Thread