[tor-dev] Responsible disclosure
Bram de Boer
bram at nosur.com
Thu Sep 18 20:59:44 UTC 2014
Hi,
How can I responsibly report a bug that might affect security (e.g. possibility to DoS Tor nodes)? I searched the torproject.org website, but couldn't find any pointers with respect to responsible disclosure.
Do I just file a trac ticket and/or drop it in this mailinglist? Do I report it directly to some of the key players in this project (Roger, Nick, etc.)?
Thanks,
Bram
More information about the tor-dev
mailing list