flak rss random

selective disclosure

The phrase responsible disclosure doesn’t have a precise definition. Instead, it can only be understood in terms of its opposite, irresponsible disclosure, which is defined as “any disclosure I don’t like”.

Instead of using a phrase that encodes a value judgment in place of a description, let’s pick a technical term that describes what’s happening: selective disclosure. This phrase is then neatly contrasted with its opposite, full disclosure.

Some people like the term coordinated disclosure, although in practice it often isn’t.

Also: regarding embargoes.

Posted 22 Jul 2014 16:59 by tedu Updated: 01 Nov 2016 02:57
Tagged: security thoughts