geebotron commented May 10, 2016
I'm interested in your security policy.
On this page you request serious security vulnerabilities in IPFS be reported privately and not made public. This is in contrast to, say, the OpenBSD security policy which encourages full public disclosure.
I'm interested to know how you think your policy improves the security of someone who hosts a "live" IPFS node, given that any vulnerability you have been made aware of, may also have been circulated among other "organizations"?