Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 21 Apr 2011 08:20:48 -0400
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: oss-security@...ts.openwall.com
Subject: Re: RE: [security-vendor] Closed list

Likewise,

pub   4096R/A5DE03AE 2011-01-15
      Key fingerprint = AB99 42E6 D4A4 CFC3 4126  20A7 49FC 7012 A5DE 03AE
uid                  Jason A. Donenfeld <Jason@...c4.com>
sub   4096R/FB1EFB7F 2011-01-15


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2.0.17 (GNU/Linux)

mQINBE0yIvABEADc7Zn9kj02BBd1JQMtyidTHLbY2JnmMlGFx2pwoBCuw3ObDo3G
s7GDxhiK7KoupaUbPklp8NSk914kusr0IOfCcis6lINOKEt3v31yJOpZzWxa0Wha
DXUDWVJc4XhKSdg1LeNtFpLIl1CuOtmaMdOaH8lpKkr/5sL4FeG0g/a3R3ZOzOOj
zoGAx79pyhp92L/qo5FfATTzmD2Pq9m6rxcftiO312gpT7ztKlWvsDmc4iJyyL54
1m57zSkG5aJqFexwW3C/iJOCSAiY/r6QTmqkbVA2BSSPANOXX9v0A1GX1rcayywR
w7qZelYpaH6pBLUioI2mmnO432kxK2UKrxd3+1wz1G+fg3GWjaabruVnR+KBV4uJ
Q140o6oj/r9k1Busl6elyDeFAdmO6D6i9Pj90oXJIEk0/wxf+DPmag8lVmxEH1CL
ST0M1t68sR38VhNSeyTdcwnsW20D1Ag55aGk3ZN5eXDIw3ccGzFPBfV3w5wfGwWz
idMmAQMxAmhnQCqwSjIXzv1Gv4NeVGze+/t28zUQInTZyZmxi5niMiz0NUeLqREX
bepmUJulYPeXrty/6/7N6jkakXp7kNGIK2Zigadca/18x9H5DgEXHl0eW7ZOgSUH
qQmmnvNNrArhYXlckYapIAZhwLJDGgv3ZhRyYRCEQ9BktVcE0+2R6zb3GQARAQAB
tCRKYXNvbiBBLiBEb25lbmZlbGQgPEphc29uQHp4MmM0LmNvbT6JAjgEEwECACIF
Ak0yIvACGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEEn8cBKl3gOuRlwQ
ALhZNe3dtbHtNuU/jeK932a4nljdSsBDbEpS0f+d5rQL9yMgmxb3BLrGSTrYJDW4
5djmRopzS543ojT7sgPXKFxCBE5FMSairwoQvg+cmGjdeyAi4Ckn8p/mwIxUzuQM
KNZHjUIwcl60SBoblYUgybUAVOLWq2RF/UOGy87ICuRkX1PFwQ+Xa2yS4ludnSTx
df5l+Tx5vm5YkJ/anea0uJzxheWXLteXW697K5d00brNq6zlkTJ151vtEfZXyuTx
ldqs1P11+ee6MjpdrCAKn93s+CjYK3icXBZN4ip+plrbnqCg5Df4+FkIJlTaGVA6
rE8Fv5t9cVE3OqkmnVdpNjorEHuPO0kJh8UBAjGDFa/K4s1XOBfabOZ08/RrpFoy
7kh4Ie9X+u5Cndq79Jv+HBrWgs7TfBlah5c+Y5/bmBUms9hZpEhEg/mQGsue0zqf
/ib6WPJE3yWBg4siQEM1P1HXuf7y4+L6voXR3Shk9Yen7kk3UPyKt9DtnUSNCTB8
uez6sznLT8klMmEeHQcu5VJETHl8tNS0BzZTDi0D4uoVoUH+UbKG6+c+zBCIR8My
mSPk2ygDxxhO7Uul1ZcUWuIqlvqhpYoMAxJfNxBB4zPPzHVurD4aYJQ5cZfn48Nq
rdix7LGrwaHzbEydxc9FO6VnSjLAOY/rWJFUePYPQFlvuQINBE0yIvABEAC+xc7D
Pc7be5wloPAg/Lk+SQdK8BnGUxmSykh2QMkjTtRm9GZdLCpKe+1GwctVJ3O1QB5r
3xVclJPMbr5I7v5Cqy17t8RzWbXSLv6P3W+CoA4vrcu2Mjq0K5k9mvPxr+W8AHW7
Z2Lyt4uRTAudomCviXeSOEzQEWo5fgWiV3rmffS39xogXZMVUPQdkPWr1IcJKjdH
mFB62YRoLEOPC3xUpw0u0cQTmN11/P/tvBKqUIw7x3t+L1UF0OscLrB9Wag/EPcN
XPg5L0u2qmu6RjEVYHK3o2Kenq3Fx+BuUv7cyKnJwNME19+e9IK6bEjTNZSEON3+
ZnH2LknSKRNGIh8ClZbwYh56v3pclWRAelJdNErlvBW7J6wv8OhBTtTMNVvJxTxw
DNoQbjF2IG+J8DcXxXE9F+wbddXcSGaN4rE0XJM8JKF48AdPcNUECuVbw4eL0UvJ
ghFkSqt4yGQAsWKtMLwjMH2840qRcF5c91RGAKjsWb26zkPtHvGAZK6sacoASPhs
P8kDJIdSj1LbMDci86EOPjLpdXw76QCeOMCBWQ5yK6++8c3ye4ega9JuqOU4p2hf
OzsXdULK2Nm2tFHxM2vGrTJjf5MHB3c1uJbycs8xq/rJL4bDHU4/6nclZgsq/xeh
aFMhq6vQvlsN4l40m1eYOYvzparqwVSz8MPM3QARAQABiQIfBBgBAgAJBQJNMiLw
AhsMAAoJEEn8cBKl3gOuBOgP/RNd1b1HKoiaEnIs6cPeG6ICjiAGrxqi4dWUKRdO
mKa/UDTQ4NCH3v7I9+2Rg6800Xr7b2FYgweikitJuDWvV9dCJkqyUe1QTAMdPuGk
6j1QE0ldAL6Q0035ii+/sPB4NhSgeeS+vOaXIzh9wyZw/5hoO5kjuiDC1JITIJZ6
b7ZPjB8ND010AUK1q22qvrX0W4RNHlDWluANpj/mS7UsKcRSsR3PautC0LZQh18o
o1LTstYNfSDlcKDCmOhiNP/0ZSnXFdT8nWU265owXzfZraRXWe6fsOTp5LCpjKcl
EswTCjm9q/vGd6Y1/UygaDT7PSa7aStp7AiWMxlETPrcHrWcPjFqJJgm6Z/lk1dq
xok2mQufvtooVRTAFoBQXmr1owDPkjt9hpUo9NQkcm3ryptULP1X50G0tw5go0Z1
ZT8zlr/L23QOOsWT5aFlNEi9XLfN0tRk+n8r24w+gdZGa490/hAZTUnj/9OaF2VH
3ArQ3SuZiqREvKxPr3bgAtjREwMqeITc8VuKEiEbRtXkoqQAPfXSti5fwwAsf2mN
cQXUFuSqZWi+ljSQmmMEv6udstWiMMB6Lzi5GKgObiOy5hsasabRdlzYSA4RR6+M
+wJ9eOU1/tx6CtnHypQJ+p7rrHaHz7qqNpehVoUfDcGyQDGQz2I1UGol/oIOfn3K
q2T1
=W8U6
-----END PGP PUBLIC KEY BLOCK-----


On Tue, Apr 12, 2011 at 05:04, Zhao, Zhenfeng
<Zhenfeng.Zhao@...driver.com> wrote:
> Sorry for the late response. Please add me with the mail address as the member of the vendor-sec . Thanks.
>
> pub   2048R/66FBA52A 2011-04-12
>      Key fingerprint = BF45 878D 7941 567D 732C  D153 F997 3E81 66FB A52A
> uid                  Zhenfeng Zhao (Wind River) <security-vendor@...driver.com>
> sub   2048R/BD99FF83 2011-04-12
>
>
> -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v2.0.14 (GNU/Linux)
>
> mQENBE2kEBcBCADGU94a4sScP87HK5a9DGaTmlWyp0y7STrJlCXUDKotOm2swiFl
> uBLZD50drMw35zH6nhHPJ5gjuA9im3BThhDIybNuf0htiSQIfm0lfeRigM6GOi8i
> +1qtxJIJyq85TqZ36FQJ/frNHZ5hKG6++rF9r/HhDJZkyztu2ht2Mt2G+WsXjPPT
> c/11nHEapI6LhI1lJi27Qmn/btehWgAbKsswMLEeUARzumTvM7NV7iNDKVPcwwCp
> EDVu9ynreQoNx2Ts3d9MKCR5xtQiMODCkWfqsjXIxRNCD0AA6FBVG4dudI5MiLsI
> 0BKvcvosV9WZivh4L0CIdndGEbTR0iRiyA8vABEBAAG0OlpoZW5mZW5nIFpoYW8g
> KFdpbmQgUml2ZXIpIDxzZWN1cml0eS12ZW5kb3JAd2luZHJpdmVyLmNvbT6JATgE
> EwECACIFAk2kEBcCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEPmXPoFm
> +6UqfmEH/2mDk4nUqvK9KfSIeRZ5bPASkDop2+6XebHEyspZMeD4XfMd8hVtkujN
> r/GvhhIMNmia5aAwYYvYOajF8yJWKGEarC75NGQXx7RKuIj4ZPRKk7sstDpomx2e
> Ykg1RM72k54nniEhaqKuzqaB/A/kYQ5h+1y+J/+5IlbQvqMg3HHzxKPYZzWmkC+X
> wBr6+RxGXsKxmuySXw2poHCrMXmZurgHmVxOn2ZKLCJUAbBkiDHJtTMnIyzPuOF8
> 2PdkjtFQlOm7g6fKCYleAPm+0p7def9LifWE793RfzQ9Otfoyj7kISQdNdO+UIw5
> jj5dQboz4GJn25aV3PvMq2CSU92ZFhO5AQ0ETaQQFwEIAL09RT5SYAFa5GuIY3oW
> wzeBEhPYh4YQWMPYTLow5Xd56FUhNEoxMYzoKuR9SiFOdcRBTmYXozuVqhkewx+O
> dKPWmOoQrba0G/dEW4UnCjmWviDFdQKOQs/WY3xgUZfjEvAB0ijQKiwFcteH3oo9
> a4rSRcClh+pFJp4XflqKr9HCVwNOT7cmVOM++91cWHbhXwt+HCXOmkQbgvnXdsaa
> Y9pku5OHFUNZ02pNFwZDMppFwB4gFZj3FI9B8WgLNt0iEuYB9WgofrLwDehFx7tO
> JgnWhBMz4rXgGehU50uKZ6omRWFl/cZC98EWR7P4lYYsv/1gy+9ruqhahsOETrrz
> B3UAEQEAAYkBHwQYAQIACQUCTaQQFwIbDAAKCRD5lz6BZvulKnvDB/9AzCamF6cw
> KCalit32iGbwPNsuTkk6OFU9roXLVWuzWJZlUV443xGVCxedeg6PKytIHh+ebll8
> 1WtqnWCoqtZ+yguOrrLiTc4qs78kecKW7GhfxVjF2EoQPTNch68jCL5j75GJDffg
> 129M/m4/TZWU8JkS3hJC9kI4ZDg3z1Pj8ecocKt6MSCwgPbrgkmNf7aFsHV1CnbT
> 5ZCUYF00jeGnfK2wnLeraTDVD0i/+1KiTdaufOCvMlDDWlDfFwK3NBnbsf03F8ot
> /KSWSvp0uB6+G3w5acuBfgnsAI66RujU6xq+i5IMMnkDyYilazftnRBcTG2Mg9eP
> Peaf8ujaWsJU
> =n1zi
> -----END PGP PUBLIC KEY BLOCK-----
>
> Thanks,
> Zhenfeng(Jeffrey) Zhao
>
>
>> -----Original Message-----
>> From: owner-security-vendor@...driver.com [mailto:owner-security-
>> vendor@...driver.com] On Behalf Of Josh Bressers
>> Sent: Saturday, April 02, 2011 2:03 AM
>> To: oss-security@...ts.openwall.com
>> Subject: [security-vendor] [oss-security] Closed list
>>
>> Hello everyone,
>>
>> This topic has lost focus lately. Rather than let it slip away, I think we should
>> go ahead with the simplest solution right now, we can always do something
>> different at a future date.
>>
>> Openwall has graciously volunteered to run a new list, and they currently
>> have some infrastructure in place to do this. The new list can start up right
>> away. In this instance, I fear perfect is the enemy of the good. I'd rather see
>> something functional in place than nothing.
>>
>> Here is the plan for initial membership (this is also approved by Openwall).
>>
>> Initial members will have had to be a vendor-sec member (no exploders this
>> time around). You must reply to this thread, in public (on oss-security).
>> We want this to be very public, we have nothing to hide. You must have a
>> public gpg key ID included in your reply. The new list will gpg encrypt all mail
>> (it does accept plaintext messages though).
>>
>> Once we have an initial seed group, we can focus on future membership
>> ideas.
>>
>> Thanks.
>>
>> --
>>     JB
>



-- 
Jason A. Donenfeld
Deep Space Explorer
+1-513-476-1200
www.jasondonenfeld.com

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.