From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <luto@amacapital.net>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 74BE6D25
	for <ksummit-discuss@lists.linuxfoundation.org>;
	Sat,  8 Sep 2018 14:20:04 +0000 (UTC)
Received: from mail-pl1-f174.google.com (mail-pl1-f174.google.com
	[209.85.214.174])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 739265E2
	for <ksummit-discuss@lists.linuxfoundation.org>;
	Sat,  8 Sep 2018 14:20:03 +0000 (UTC)
Received: by mail-pl1-f174.google.com with SMTP id j8-v6so7808203pll.12
	for <ksummit-discuss@lists.linuxfoundation.org>;
	Sat, 08 Sep 2018 07:20:03 -0700 (PDT)
Content-Type: text/plain;
	charset=utf-8
Mime-Version: 1.0 (1.0)
From: Andy Lutomirski <luto@amacapital.net>
In-Reply-To: <20180908113411.GA3111@kroah.com>
Date: Sat, 8 Sep 2018 07:20:00 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <A243E221-F38D-441F-A888-481010478996@amacapital.net>
References: <nycvar.YFH.7.76.1809062054450.15880@cbobk.fhfr.pm>
	<CALCETrWsWGbo0B7=_AAOinJVCLrZbhJ75W2eUPxLCyo2BspBxA@mail.gmail.com>
	<alpine.DEB.2.21.1809081037440.1402@nanos.tec.linutronix.de>
	<20180908082141.15d72684@coco.lan>
	<20180908113411.GA3111@kroah.com>
To: Greg KH <greg@kroah.com>
Cc: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>,
	ksummit-discuss@lists.linuxfoundation.org
Subject: Re: [Ksummit-discuss] [MAINTAINERS SUMMIT] Handling of embargoed
	security issues
List-Id: <ksummit-discuss.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/ksummit-discuss>,
	<mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/ksummit-discuss/>
List-Post: <mailto:ksummit-discuss@lists.linuxfoundation.org>
List-Help: <mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/ksummit-discuss>,
	<mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=subscribe>



> On Sep 8, 2018, at 4:34 AM, Greg KH <greg@kroah.com> wrote:
>=20
>> On Sat, Sep 08, 2018 at 08:21:41AM -0300, Mauro Carvalho Chehab wrote:
>> IMHO, the best would be to have a formal/legal way to handle it.
>=20
> No, sorry, some of us are not allowed legally to sign NDAs for stuff
> like this.  So keeping legal out of is it the best solution and we have
> done that pretty well so far.
>=20

A lot us us (such as yours truly) have NDAs in place. I would love a clear m=
echanism by which a vendor gives explicit permission for me to communicate w=
ith other relevant parties. It doesn=E2=80=99t need to be fancy and legalist=
ic, but having it written down would be very, very nice.=