diff mbox series

[ovs-dev] security.rst: Add more information about the Downstream mailing list.

Message ID 20201224185808.6675-1-jpettit@ovn.org
State Accepted
Headers show
Series [ovs-dev] security.rst: Add more information about the Downstream mailing list. | expand

Commit Message

Justin Pettit Dec. 24, 2020, 6:58 p.m. UTC 
Signed-off-by: Justin Pettit <jpettit@ovn.org>
---
 Documentation/internals/security.rst | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

Comments

Flavio Leitner Dec. 24, 2020, 7:45 p.m. UTC | #1 
On Thu, Dec 24, 2020 at 10:58:08AM -0800, Justin Pettit wrote:
> Signed-off-by: Justin Pettit <jpettit@ovn.org>
> ---

LGTM
Acked-by: Flavio Leitner <fbl@sysclose.org>

fbl
Justin Pettit Dec. 27, 2020, 12:13 a.m. UTC | #2 
> On Dec 24, 2020, at 12:45 PM, Flavio Leitner <fbl@sysclose.org> wrote:
> 
> On Thu, Dec 24, 2020 at 10:58:08AM -0800, Justin Pettit wrote:
>> Signed-off-by: Justin Pettit <jpettit@ovn.org>
>> ---
> 
> LGTM
> Acked-by: Flavio Leitner <fbl@sysclose.org>

Thanks!  I pushed this to master.

--Justin
diff mbox series

Patch

diff --git a/Documentation/internals/security.rst b/Documentation/internals/security.rst
index f6a31ad01116..8b4e5c3f4d5d 100644
--- a/Documentation/internals/security.rst
+++ b/Documentation/internals/security.rst
@@ -247,10 +247,13 @@  immediate (esp. if it's already publicly known) to a few weeks. As a basic
 default policy, we expect report date to disclosure date to be 10 to 15
 business days.
 
-Operating system vendors are obvious downstream stakeholders. It may not be
-necessary to be too choosy about who to include: any major Open vSwitch user
-who is interested and can be considered trustworthy enough could be included.
-To become a downstream stakeholder, email the ovs-security mailing list.
+Operating system vendors are obvious downstream stakeholders, however,
+any major Open vSwitch user who is interested and can be considered
+trustworthy enough could be included.  To request being added to the
+Downstream mailing list, email the ovs-security mailing list.  Please
+include a few sentences on how your organization uses Open vSwitch.  If
+possible, please provide a security-related email alias rather than a
+direct end-user address.
 
 If the vulnerability is already public, skip this step.