[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Responsible disclosure
Hi Bram. If it's security related then we have...
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-security
... which is a closed list soly subsribed to by Nick and a few others.
That said though we set that list up years ago for this purpose and
I'm not spotting it advertised anywhere, so might no longer be the
best point of contact. Nick can advise.
Cheers! -Damian
On Thu, Sep 18, 2014 at 1:59 PM, Bram de Boer <bram@xxxxxxxxx> wrote:
> Hi,
>
> How can I responsibly report a bug that might affect security (e.g. possibility to DoS Tor nodes)? I searched the torproject.org website, but couldn't find any pointers with respect to responsible disclosure.
>
> Do I just file a trac ticket and/or drop it in this mailinglist? Do I report it directly to some of the key players in this project (Roger, Nick, etc.)?
>
> Thanks,
> Bram
>
> _______________________________________________
> tor-dev mailing list
> tor-dev@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev