再保险(CVEPRI):请投票表决的文本网络犯罪公约声明v 5.5

接受> - - - - - - - - - - - >从原始信息:史蒂芬·m·Christey (SMTP: coley@LINUS.MITRE。ORG] >发送:星期四,5月11日,2000年8:29点>:cve-editorial-board-list@lists.mitre.org >主题:[CVEPRI]请投票表决的文本网络犯罪公约声明> v5.5 > >, > >请表决当前的网络犯罪条约文本声明中>下面,我贴上v5.5(以防它不转>的“最终”)。这不是* *我们如何将投票>签名和组织关系,因为这个问题仍然>讨论,可以脱离实际的文本。> >编辑列表以来沉默在最后一天半,>这是唯一具体方法确定董事会准备>保佑这个声明并同意“最终复制”用来画>外董事会的支持。> >请将下列票对我和戴夫·曼> (dmann@bindview.com),或编辑委员会名单:> >接受,接受文本记录> >修改——修改。请发送任何修改投票>列表。然而,在这个时候你强烈敦促不是>建议少量修改,可以标记为“迂腐>舞文弄墨者”:-)> >等待使用这个如果你想投弃权票。> >拒绝使用这个票在您自己的风险;-)> > >要求你把你在周二投票,5月16日。如果>“最终决定”可以在那个时候,我将宣布。> >我要收集和计算选票。 Of the 26 organizations > represented on the Board, 21 have established that they are aware of > this issue. > > It seems reasonable to require a minimum of 16 ACCEPT votes, which > would be 75% of the "active" Board member organizations, and 60% of > all Board member organizations. > > Note that I will be unavailable for all or most of Friday, so if > you're voting then, please make sure that Dave Mann knows how you > voted. > > - Steve > > > ************** TEXT of CyberCrime Treaty Statement v5.5 ************** > > Greetings: > > As leading security practitioners, educators, vendors, and users of > information security, we wish to register our misgivings about the > Council of Europe draft treaty on Crime in Cyberspace. > > We are concerned that portions of the proposed treaty may result in > criminalizing techniques and software commonly used to make computer > systems resistant to attack. Signatory states passing legislation to > implement the treaty may endanger the security of their computer > systems because computer users in those countries will not be able to > adequately protect their computer systems and the education of > information protection specialists will be hindered. > > Critical to the protection of computer systems and infrastructure is > the ability to > * Test software for weaknesses > * Verify the presence of defects in computer systems > * Exchange vulnerability information > > System administrators, researchers, consultants and companies all > routinely develop, use, and share software designed to exercise known > and suspected vulnerabilities. Academic institutions use these > tools to educate students and in research to develop improved > defenses. Our combined experience suggests that it is impossible > to reliably distinguish software used in computer crime from that > used for these legitimate purposes. In fact, they are often > identical. > > Currently, article 6 of the draft treaty is vague regarding the use, > distribution, and possession of software that could be used to > violate the security of computer systems. We agree that damaging or > breaking into computer systems is wrong and we unequivocally support > laws against such inappropriate behavior. We affirm that a goal of the > treaty and resulting legislation should be to permit the development > and application of good security measures. However, legislation that > criminalizes security software development, distribution and use > is counter to that goal, as it would adversely impact security > practitioners, researchers, and educators. > > Therefore, we respectfully request that the treaty drafters remove > section a.1 from article 6, and modify section b accordingly; the > articles on computer intrusion and damage (viz., articles 1-5) are > already sufficient to proscribe any improper use of security-related > software or information. > > Please do not hesitate to call on us for technical advice in your > future deliberations. > > Signed, > > > [** signatures, affiliations, and disclaimers deleted - still under > discussion **]