[nsp-sec] Circle of trust [was: Vetting: Wang Hua]

Smith, Donald Donald.Smith at qwest.com
Thu Jan 28 17:19:22 EST 2010 


(coffee != sleep) & (!coffee == sleep)
Donald.Smith at qwest.com gcia

> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Kistler, Kris
> Sent: Thursday, January 28, 2010 2:59 PM
> To: NSP-SEC nsp-security
> Subject: Re: [nsp-sec] Circle of trust [was: Vetting: Wang Hua]
>
> ----------- nsp-security Confidential --------
>
> As someone who waited in the wings for a long time to get on
> the list, I
> like the thought that was raised of a temporary, say 3 months or so
> vetting in the -discuss arena.
The nsp-sec discuss list has the same vetting requirements as the main list.
The main difference is you don't have to be as operationally focused.
It is also a very quite list with nearly no traffic most weeks.


>Perhaps even a more formal process of
> maintaining a "designated contact" list for such persons as documented
> resources for the group until they have proven themselves as
> responsive
> to issues is a great compromise to allow persons without the
> prerequisite networking/security contacts in the field to
> "prove" their
> loyalty prior to risking the web of trust established in the
> full list.
That is a good idea.

>
>
> The comment "he is not a dedicated security guy at CT (and CT does not
> have any) and I am not sure how much efforts he can or will
> make, he is
> not the best candidate", makes me a little hesitant, and I have not
> heard anyone step up to personally vouch for him as yet.
> That given, I
> do feel there should be a method by which persons not yet part of the
> clic can join and become productive as that helps everyone involved.
There are a LOT of other lists some with much lower entry requirements.
If he really wanted to establish himself he could join one of those and begin working on trust:)

>
> Enjoy!
> Kris
>
>
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Yiming Gong
> Sent: Thursday, January 28, 2010 2:33 PM
> To: NSP-SEC nsp-security
> Subject: Re: [nsp-sec] Circle of trust [was: Vetting: Wang Hua]
>
> ----------- nsp-security Confidential --------
>
> I should clarify things a little bit here, I knew Wanghua
> (used to have
> work relationship with him for about 2 years). The reason I wrote
> "Wanghua can be a good person whom the security community can talk to
> and hopefully baby-steps can be taken " is he is not a dedicated
> security guy at CT (and CT does not have any) and I am not
> sure how much
>
> efforts he can or will make, he is not the best candidate,
> but besides
> him, there is no any other people i can think of.
>
> He applied for nsp-sec, which to me sounds like he is interested in
> doing something. With so many security incidents pointing to
> CT network,
>
> having a representative on the list and letting CT realize how bad
> things are probably is a good idea.
>
> Regards.
>
> Yiming
> > I will take that as "I cannot vouch for the person Wang
> Hua, but would
> like another CT person here and Wang's position sounds right".
> >
> >
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security
> community. Confidentiality is essential for effective
> Internet security
> counter-measures.
> _______________________________________________
>
> This message contains information which may be confidential
> and/or privileged. Unless you are the intended recipient (or
> authorized to receive for the intended recipient), you may
> not read, use, copy or disclose to anyone the message or any
> information contained in the message. If you have received
> the message in error, please advise the sender by reply
> e-mail and delete the message and any attachment(s) thereto
> without retaining any copies.
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security
> community. Confidentiality is essential for effective
> Internet security counter-measures.
> _______________________________________________
>

This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful.  If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.

More information about the nsp-security mailing list