On Fri, 19 Mar 2010 04:43:18 +0100 Guillaume FORTAINE <gfortaine@live.com> wrote:
First question : Why was I able to find this mail on the Internet if it should be kept secret ?
nsp-security was originally formed out of the dissatisfaction with other so-called private collaborative channels back when it was formed a number of years ago. There are many more lists and groups that have since formed along the same lines. The existence of nsp-security is no secret and there has been a small number of "leaks", that is, mail primarily, that was not meant to be forwarded or copied outside the list that had been. Its been far from perfect from both a secretive standpoint and policy standpoint, but compared to what existed before it, it has proved useful from time to time. The ISP Security BoF/Track meetings at NANOG grew out of the nsp-security effort and those are open to any NANOG attendee. One thing groups like this has perhaps most helped with is building one-to-one relationships between colleagues. Groups like nsp-security help you to learn who the trusted and reliable contacts are at various organizations. An ongoing area of work is to build better closed, trusted communities without leaks. Its still an ongoing problem. Thats why many times really sensitive work gets done in even smaller ad-hoc groups or on a one-to-one basis. John