[openssl-project] Simplifying the security policy

Mark J Cox mark at awe.com
Mon Jan 15 16:07:13 UTC 2018

Thanks for reviewing, I didn't change the wording for any of the
definitions of severities from the original policy because those could
change how we rate issue which is a more substantive change to the
policy for later.


On Mon, Jan 15, 2018 at 3:25 PM, Salz, Rich <rsalz at akamai.com> wrote:
> I like your changes, except that I was  confused by the multiple references to “timing channel” attacks and had a hard time telling which is which, and why.
> _______________________________________________
> openssl-project mailing list
> openssl-project at openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-project

More information about the openssl-project mailing list