Hi Bram. If it's security related then we have...
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-security
... which is a closed list soly subsribed to by Nick and a few others. That said though we set that list up years ago for this purpose and I'm not spotting it advertised anywhere, so might no longer be the best point of contact. Nick can advise.
Cheers! -Damian
On Thu, Sep 18, 2014 at 1:59 PM, Bram de Boer bram@nosur.com wrote:
Hi,
How can I responsibly report a bug that might affect security (e.g. possibility to DoS Tor nodes)? I searched the torproject.org website, but couldn't find any pointers with respect to responsible disclosure.
Do I just file a trac ticket and/or drop it in this mailinglist? Do I report it directly to some of the key players in this project (Roger, Nick, etc.)?
Thanks, Bram
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev