[nsp-sec] Circle of trust [was: Vetting: Wang Hua]

[Kistler, Kris]

As someone who waited in the wings for a long time to get on the list, I
like the thought that was raised of a temporary, say 3 months or so
vetting in the -discuss arena.  Perhaps even a more formal process of
maintaining a "designated contact" list for such persons as documented
resources for the group until they have proven themselves as responsive
to issues is a great compromise to allow persons without the
prerequisite networking/security contacts in the field to "prove" their
loyalty prior to risking the web of trust established in the full list.


The comment "he is not a dedicated security guy at CT (and CT does not
have any) and I am not sure how much efforts he can or will make, he is
not the best candidate", makes me a little hesitant, and I have not
heard anyone step up to personally vouch for him as yet.  That given, I
do feel there should be a method by which persons not yet part of the
clic can join and become productive as that helps everyone involved.
 
Enjoy!
Kris


-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Yiming Gong
Sent: Thursday, January 28, 2010 2:33 PM
To: NSP-SEC nsp-security
Subject: Re: [nsp-sec] Circle of trust [was: Vetting: Wang Hua]

----------- nsp-security Confidential --------

I should clarify things a little bit here, I knew Wanghua (used to have 
work relationship with him for about 2 years). The reason I wrote 
"Wanghua can be a good person whom the security community can talk to 
and hopefully baby-steps can be taken " is he is not a dedicated 
security guy at CT (and CT does not have any) and I am not sure how much

efforts he can or will make, he is not the best candidate, but besides 
him, there is no any other people i can think of.

He applied for nsp-sec, which to me sounds like he is interested in 
doing something. With so many security incidents pointing to CT network,

having a representative on the list and letting CT realize how bad 
things are probably is a good idea.

Regards.
 
Yiming
> I will take that as "I cannot vouch for the person Wang Hua, but would
like another CT person here and Wang's position sounds right".
>
>   



_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security

Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________

This message contains information which may be confidential and/or privileged. Unless you are the intended recipient (or authorized to receive for the intended recipient), you may not read, use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail and delete the message and any attachment(s) thereto without retaining any copies.