[dev] PGP keys for security at horde.org
Thomas Jarosch
thomas.jarosch at intra2net.com
Tue Jul 1 15:19:04 UTC 2014
Hi,
given the recent development in world wide data snooping
of government agencies, I guess it would be a good idea
if there's a secure way to report issues to security at horde.org.
Otherwise information about possible exploit vectors might fall
into the "wrong" hands before a fix is publicly released.
We could define a set of PGP keys on http://wiki.horde.org/SecurityManagement
that could be used to report issues on the "security" email alias. Or we
could create a distinct PGP key that's shared among a few trusted people.
Opinions?
Cheers,
Thomas
More information about the dev
mailing list