[10051] in Commercialization & Privatization of the Internet
Re: Concerning CERT
daemon@ATHENA.MIT.EDU (Stan Barber)
Sat Feb 5 04:48:07 1994
From: sob@tmc.edu (Stan Barber)
Date: Sat, 5 Feb 1994 03:47:39 -0600
In-Reply-To: bzs@world.std.com (Barry Shein)
To: bzs@world.std.com (Barry Shein)
Cc: karl@mcs.com, com-priv@psi.com
Barry,
It appears that both you and Karl want something fast (where fast is faster
than CERT) that can't be provided by working together through user groups or
professional associations.
It appears the CERT model is too flawed, so another model needs to be
developed.
Is that a reasonable summary?
Karl proposed a communications and possible accuracy resolution mechanism
with some kind of mailing list of "certified" (my word) sysadmins. [This
sounds like SAGE to me, but the way.] You mention the need for some kind of
bonding. There is also a discussion of some linkage to law enforcement.
Is that a good summary of the two points-of-view? I am just trying to boil
this down into something my simple mind can understand.:-)
I can understand the concern about bonding some user group. Certanly, the
lawyers could have field day if the accuracy or timeliness of the information
was somehow not tied to some serious disclaimers of some kind. There is
certainly alot of software freely available on the network that deals with
security. I don't know how many authors have been sued when flaws were found
in it. Does anyone know?
The informal approach Karl suggests appears to be in the best tradition of an
older unix security mailing list of the 80s...That seemed to work pretty well,
but times have changed since then. I have to wonder if the old methods will
still work. There is always the question of continuity and how to approach
vendors for those solutions they have to provide to some of these problems
when the group is informal like that.
Just the babblings of an idiot.;-)
God bless you all (even you Barry!) and Good night.
--
Stan internet: sob@bcm.tmc.edu Executive Director, Technology
Olan uucp: rutgers!bcm!sob Architecture & Planning
Barber Opinions expressed are only mine. Baylor College of Medicine
