https://www.big-8.org/w/index.php?action=history&feed=atom&title=Nan%3A2010-01-02-rfd-comp.security.announceNan:2010-01-02-rfd-comp.security.announce - Revision history2026-05-05T14:21:18ZRevision history for this page on the wikiMediaWiki 1.43.1https://www.big-8.org/w/index.php?title=Nan:2010-01-02-rfd-comp.security.announce&diff=1642&oldid=prevSbonine: Created page with "<pre> From: "David E. Ross" <nobody@nowhere.invalid> Subject: RFD: comp.security.announce (remove) Message-ID: <GfKdnciv2KHcUb3QnZ2dnUVZ_h2dnZ2d@iswest.net> REQUES..."2011-01-03T03:29:51Z<p>Created page with "<pre> From: "David E. Ross" <nobody@nowhere.invalid> Subject: RFD: comp.security.announce (remove) Message-ID: <GfKdnciv2KHcUb3QnZ2dnUVZ_h2dnZ2d@iswest.net> REQUES..."</p>
<p><b>New page</b></p><div><pre><br />
From: "David E. Ross" <nobody@nowhere.invalid><br />
Subject: RFD: comp.security.announce (remove)<br />
Message-ID: <GfKdnciv2KHcUb3QnZ2dnUVZ_h2dnZ2d@iswest.net><br />
<br />
REQUEST FOR DISCUSSION (RFD)<br />
moderated group comp.security.announce<br />
<br />
This is a formal Request for Discussion (RFD) to remove moderated<br />
newsgroup comp.security.announce.<br />
<br />
RATIONALE:<br />
<br />
According to Google's archive there has been only one message posted to<br />
this group (on 28 July 2009) in the past three years.<br />
<br />
This group has no charter or archived FAQ. The latest "List of Big<br />
Eight Newsgroups" (15 December 2010) states that this group is for<br />
"Announcements from the CERT about security." The latest two such<br />
announcements were on 28 July 2009 and 29 December 2005. There have<br />
been numerous alerts about security vulnerabilities in 2010 posted on<br />
the US-CERT Web site (see below), none of which have been posted to<br />
comp.security.announce.<br />
<br />
A newsgroup message sent to comp.security.announce on 24 November 2010<br />
did not appear posted on that group. A bounce was not possible because<br />
the From address was munged. Another message was sent on 28 November<br />
2010 with a valid From address. That message too did not appear posted<br />
on the group.<br />
<br />
CERT is an organization within Carnegie Mellon University. E-mail to<br />
<cert@cert.org> -- the contact address indicated on the CERT Web site --<br />
asking if comp.security.announce is still being used resulted in a reply<br />
from a Jeff Smith with a cert.org E-mail address. Smith's reply was:<br />
"David, we no longer post to newsgroups. Please check the US-CERT<br />
website for alternative ways of being alerted."<br />
<br />
US-CERT is an organization within the U.S. Department of Homeland<br />
Security. E-mail to <info@us-cert.gov>, <soc@us-cert.gov>, and<br />
<us-cert@us-cert.gov> -- addresses all indicated on the US-CERT Web site<br />
-- asking if comp.security.announce is still being used have resulted in<br />
no replies. The last such message was sent 28 October 2010.<br />
<br />
An E-mail message was sent to comp-security-announce@moderators.isc.org<br />
on 5 December 2010. Neither a bounce nor a reply were received.<br />
<br />
NEWSGROUPS LINE:<br />
<br />
comp.security.announce Announcements from the CERT about security.<br />
(Moderated)<br />
<br />
DISTRIBUTION:<br />
<br />
news.announce.newgroups<br />
news.groups.proposals<br />
comp.security.announce<br />
comp.security.misc<br />
<br />
Folowup-To: news.groups.proposals<br />
<br />
CHARTER OF COMP.SECURITY.ANNOUNCE<br />
<br />
There is no charter archived at<br />
<ftp://ftp.isc.org/pub/usenet/news.announce.newgroups/comp/> for<br />
comp.security.announce.<br />
<br />
HISTORY OF THE GROUP:<br />
<br />
The earliest message posted to comp.security.announce found in Google's<br />
archive is dated 6 May 2000. For a number of years, messages about<br />
computer security vulnerabilities were posted when such vulnerabilities<br />
were discovered. Later, such messages were posted only after the<br />
vendors of the affected software or hardware released fixes. US-CERT<br />
now issues its messages via E-mail, RSS, and similar services to<br />
subscribers. Carnegie Mellon's CERT maintains a database, but I cannot<br />
locate a subscription service.<br />
<br />
PROPONENT:<br />
<br />
David E. Ross <david@rossde.com><br />
<br />
PROCEDURE:<br />
<br />
Those who wish to comment on this request to remove this newsgroup<br />
should subscribe to news.groups.proposals and participate in the<br />
relevant threads in that newsgroup. To this end, the followup header of<br />
this RFD has been set to news.groups.proposals.<br />
<br />
In the course of the removal process three formal announcements will be<br />
posted (1st RFD, 2nd RFD, and LCC), each taking two weeks. At the end of<br />
the process the B8MB will vote on the issue.<br />
<br />
Available options for comp.security.announce are:<br />
- leave the group as it is<br />
- remove the group<br />
<br />
For more information on the removal process, please see<br />
<br />
http://www.big-8.org/wiki/Group_Removal_FAQ<br />
<br />
CHANGE HISTORY:<br />
<br />
2010-10-26 E-mail messages sent to CERT and US-CERT<br />
2010-10-27 Reply received from CERT (group no longer used)<br />
2010-10-28 Additional E-mail messages sent to US-CERT<br />
2010-11-24 Newsgroup message sent to comp.security.announce (munged<br />
reply address)<br />
2010-11-28 Newsgroup message sent to comp.security.announce (valid reply<br />
address)<br />
2010-12-05 E-mail message sent to comp-security-announce@moderators.isc.org<br />
</pre></div>Sbonine