[openssl-project] Simplifying the security policy
Mark J Cox
mark at awe.com
Mon Jan 15 16:07:13 UTC 2018
Thanks for reviewing, I didn't change the wording for any of the
definitions of severities from the original policy because those could
change how we rate issue which is a more substantive change to the
policy for later.
On Mon, Jan 15, 2018 at 3:25 PM, Salz, Rich <rsalz at akamai.com> wrote:
> I like your changes, except that I was confused by the multiple references to “timing channel” attacks and had a hard time telling which is which, and why.
> openssl-project mailing list
> openssl-project at openssl.org
More information about the openssl-project