[arch-devops] security at archlinux.org address
Daniel M. Capella
polyzen at archlinux.org
Mon Feb 18 18:08:27 UTC 2019
On February 18, 2019 4:57:16 AM EST, Morten Linderud via arch-devops <arch-devops at lists.archlinux.org> wrote:
>On Mon, Feb 18, 2019 at 04:48:57AM -0500, Daniel M. Capella via
>arch-devops wrote:
>> https://securitytxt.org/
>
>It would be a bit benefitial if you made an argument instead of posting
>a link.
Learned about it after a check for that file was added to twa[]. Shared as it was relevant.
>I'll quote somebody elses experience with this, which makes me inclined
>to
>believe this is a bad idea in general.
<snip>
>https://news.ycombinator.com/item?id=19152145
As we're requiring encrypted communications (IIUC), it looks like that's been a fairly effective barrier.
>It's also worth noting that the link is not an argument for, or
>against, a
>"security at archlinux.org" address in contrast to a listing of team
>members. This
>is just an option to make it known.
[]: https://github.com/trailofbits/twa
--
Best,
polyzen
More information about the arch-devops
mailing list