Re: Security policies for Kubernetes


Greg KH <gregkh@...>
 

On Thu, Nov 10, 2016 at 07:21:34PM +0000, Nicko van Someren wrote:
That's interesting feedback. I was speaking to the VP of infrastructure at a
major bank last week and he said that having a heads up from OpenSSL helps him
hugely and he wished that more projects did it. I also had a request from one
of the CII members asking for the same thing. Who in the OpenSSL team felt it
didn't work? I would be interested to know what problems they find with this.
Users might get warm and fuzzies thinking that this is the only time
they need to update, but really, they should be updating all the time.
Announcing it ahead of time really doesn't help companies fix their
infrastructure problems properly.

But that's my comments, and not the OpenSSL's teams comments, I can't
recall their exact reasons. I suggest talking to them at their next
hackfest about it to get all of the details.

thanks,

greg k-h

Join cncf-toc@lists.cncf.io to automatically receive all group messages.