[Openstack-security] Security Note (OSSN) Process

Kurt Seifried kseifried at redhat.com
Tue Jan 14 02:13:54 UTC 2014



On 01/13/2014 05:27 PM, Grant Murphy wrote:
> 
> 
> On Mon, 2014-01-13 at 08:24 -0800, Nathan Kinder wrote:
>> Hi,
> 
> Hi Nathan,
> 
>> 
>> I have started to put together a wiki page skeleton outlining
>> the process to follow when writing a new Security Note (OSSN).  I
>> think it's far enough along to share.  Any feedback and
>> suggestions would be appreciated!  The new page is available
>> here:
>> 
>> https://wiki.openstack.org/wiki/Security/Security_Note_Process
>> 
>> There are a few things that I think need to be added or
>> clarified:
>> 
>> - Do we want to change the numbering scheme?  We've discussed
>> using something similar to the OSSA numbering scheme (YYYY-XX).
>> This would be an improvement over what we currently use
>> (Launchpad bug #).

One note: I would use the same number sequence, e.g.:

OSSA-2014-01
OSSA-2014-02
OSSN-2014-03

The reason for this: "OSSA-2014-01" vs "OSSN-2014-01" is kind of
messy, harder to search/etc. Also I would advise using more than 2
digits (3 should be safe).


-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993