[c-nsp] Prepare for router Wednesday

Jared Mauch jared at puck.nether.net
Tue Mar 11 10:32:17 EDT 2008


On Tue, Mar 11, 2008 at 09:57:11AM -0400, Jason Gurtz wrote:
> > So we need to wait 6 months for security patches if an exploit which
> > may affect us is discovered on the fourth Thursday of September?
> > That's crazy! Let Enterprise customers wait if they want, I want my
> > security patches ASAP so we can test them for a few days then deploy
> > network wide. Does anyone else think this is not a rational change?
> 
> Monthly has seemed to be a reasonable trade-off between attack window and
> manageability.  6 months seems like...yo wtf is in charge there that made
> this heinous decision?

	Actually, I know who did this and they're on the list
last I knew, so there is a chance for your feedback to be read.

	I think it's a challenge coming with any system that is
perfect.  The issue here is balance.  This strikes a balance in
favor of expecting a level of uptime from your ISPs.  If they
were rebooting once a month you might not be very happy.

	Oh well, you can't win them all.  I think this will be
good overall.

	- Jared

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.


More information about the cisco-nsp mailing list