From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ian Campbell <ian.campbell@citrix.com>
Subject: [PATCH 2/6] Clarifications to predisclosure list
	subscription instructions
Date: Thu, 23 Aug 2012 11:37:50 +0100
Message-ID: <1345718274-7900-2-git-send-email-ian.campbell@citrix.com>
References: <1345718230.12501.79.camel@zakaz.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <1345718230.12501.79.camel@zakaz.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: xen-devel@lists.xen.org
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>, Ian Campbell <ian.campbell@citrix.com>
List-Id: xen-devel@lists.xenproject.org

Specially:
  * Mention that subscriptions via the webterface do not work / are
    not honoured.
  * Mention the preference for role addresses only.

See <20448.49637.38489.246434@mariner.uk.xensource.com>, section
    "8. Predisclosure subscription process, and email address
        criteria"
---
 security_vulnerability_process.html |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/security_vulnerability_process.html b/security_vulnerability_process.html
index eff108a..ee42402 100644
--- a/security_vulnerability_process.html
+++ b/security_vulnerability_process.html
@@ -206,7 +206,9 @@ if(ns4)_d.write("<scr"+"ipt type=text/javascript src=/globals/mmenuns4.js><\/scr
        <li>The planned disclosure date</li>
     </ul></p>
 
-    <p>Organisations who meet the criteria should contact security@xen if they wish to receive pre-disclosure of advisories.</p>    
+    <p>Organisations who meet the criteria should contact security@xen if they wish to receive pre-disclosure of advisories. Organisations should not request subscription via the mailing list web interface, any such subscription requests will be rejected and ignored.</p>
+    <p>Normally we would prefer that a role address be used for each organisation, rather than one or more individual's direct email address. This helps to ensure that changes of personel do not end up effectively dropping an organisation from the list</p>
+
     <p>The pre-disclosure list will also receive copies of public advisories when they are first issued or updated.</p>
     
     <h3>Organizations on the pre-disclosure list:</h3>
-- 
1.7.10.4