再保险(CVEPRI):请投票表决的文本网络犯罪公约声明v 5.5

接受- - - - - - - - - - -从原始信息:史蒂芬·m·Christey [mailto: coley@LINUS.MITRE.ORG发送:星期四,2000年5月11日,九29点:cve-editorial-board-list@lists.mitre.org主题:[CVEPRI]请投票v5.5所有网络犯罪条约文本的语句,请投票表决的当前文本网络犯罪公约声明,下面,我贴上v5.5(以防它不会变成“最终”)。这不是* *如何投票将签名和组织的关系,这个问题仍在讨论中,可以脱离实际的文本。以来一直在沉默编辑列表最后一天半,这是唯一的具体方法确定董事会准备保佑这个声明并同意“最终复制”用来画以外的董事会的支持。请将下列票对我和戴夫•曼(dmann@bindview.com)或编辑委员会名单:接受,接受文本记录修改——修改。请发送任何修改投票列表。然而,在这个时候你强烈要求不是说小修改,可以标记“迂腐的作家”:-)无操作使用这个如果你想投弃权票。拒绝使用这个票在您自己的风险;-)要求你把你在周二投票,5月16日。如果一个“决定”可以在那个时候,我将宣布。我将收集和计算选票。26日组织的代表在董事会,21日建立了,他们意识到了这个问题。 It seems reasonable to require a minimum of 16 ACCEPT votes, which would be 75% of the "active" Board member organizations, and 60% of all Board member organizations. Note that I will be unavailable for all or most of Friday, so if you're voting then, please make sure that Dave Mann knows how you voted. - Steve ************** TEXT of CyberCrime Treaty Statement v5.5 ************** Greetings: As leading security practitioners, educators, vendors, and users of information security, we wish to register our misgivings about the Council of Europe draft treaty on Crime in Cyberspace. We are concerned that portions of the proposed treaty may result in criminalizing techniques and software commonly used to make computer systems resistant to attack. Signatory states passing legislation to implement the treaty may endanger the security of their computer systems because computer users in those countries will not be able to adequately protect their computer systems and the education of information protection specialists will be hindered. Critical to the protection of computer systems and infrastructure is the ability to * Test software for weaknesses * Verify the presence of defects in computer systems * Exchange vulnerability information System administrators, researchers, consultants and companies all routinely develop, use, and share software designed to exercise known and suspected vulnerabilities. Academic institutions use these tools to educate students and in research to develop improved defenses. Our combined experience suggests that it is impossible to reliably distinguish software used in computer crime from that used for these legitimate purposes. In fact, they are often identical. Currently, article 6 of the draft treaty is vague regarding the use, distribution, and possession of software that could be used to violate the security of computer systems. We agree that damaging or breaking into computer systems is wrong and we unequivocally support laws against such inappropriate behavior. We affirm that a goal of the treaty and resulting legislation should be to permit the development and application of good security measures. However, legislation that criminalizes security software development, distribution and use is counter to that goal, as it would adversely impact security practitioners, researchers, and educators. Therefore, we respectfully request that the treaty drafters remove section a.1 from article 6, and modify section b accordingly; the articles on computer intrusion and damage (viz., articles 1-5) are already sufficient to proscribe any improper use of security-related software or information. Please do not hesitate to call on us for technical advice in your future deliberations. Signed, [** signatures, affiliations, and disclaimers deleted - still under discussion **]