再保险:[CVEPRI]请投票v5.5网络犯罪条约文本的语句

接受| - - - - -原始消息- - - - - - |:owner-cve-editorial-board-list@lists.mitre.org | (mailto: owner-cve-editorial-board-list@lists.mitre.org]代表Steven m . Christey | |发送:星期四,5月11日,2000年29点|:cve-editorial-board-list@lists.mitre.org |主题:[CVEPRI]请投票表决的文本网络犯罪公约声明| v5.5 | | |是| |请表决当前网络犯罪公约语句的文本,包括|下面,我贴上v5.5(以防它不转|是“最终”)。这不是* *我们如何将投票|签名和组织关系,因为这个问题仍然|讨论,可以脱离实际的文本。| |编辑列表以来沉默在最后一天半,|这是唯一具体方法确定董事会准备|保佑这个声明并同意“最终复制”用来画|外董事会的支持。| |请将下列票对我和戴夫·曼| (dmann@bindview.com),或编辑委员会名单:| |接受,接受文本记录| |修改——修改。请发送任何修改投票|列表。然而,在这个时候你强烈敦促不要|建议少量修改,可以标记“迂腐|舞文弄墨者”:-)| |等待——使用这个如果你想投弃权票。| |拒绝使用这个票在您自己的风险;-)| | |这是要求你发送在周二投票,5月16日。如果一个|“最终决定”可以在那个时候,我将宣布。| |我要收集和计算选票。的26个组织|代表董事会,21已经建立了,他们都知道|这个问题。 | | It seems reasonable to require a minimum of 16 ACCEPT votes, which | would be 75% of the "active" Board member organizations, and 60% of | all Board member organizations. | | Note that I will be unavailable for all or most of Friday, so if | you're voting then, please make sure that Dave Mann knows how you | voted. | | - Steve | | | ************** TEXT of CyberCrime Treaty Statement v5.5 ************** | | Greetings: | | As leading security practitioners, educators, vendors, and users of | information security, we wish to register our misgivings about the | Council of Europe draft treaty on Crime in Cyberspace. | | We are concerned that portions of the proposed treaty may result in | criminalizing techniques and software commonly used to make computer | systems resistant to attack. Signatory states passing legislation to | implement the treaty may endanger the security of their computer | systems because computer users in those countries will not be able to | adequately protect their computer systems and the education of | information protection specialists will be hindered. | | Critical to the protection of computer systems and infrastructure is | the ability to | * Test software for weaknesses | * Verify the presence of defects in computer systems | * Exchange vulnerability information | | System administrators, researchers, consultants and companies all | routinely develop, use, and share software designed to exercise known | and suspected vulnerabilities. Academic institutions use these | tools to educate students and in research to develop improved | defenses. Our combined experience suggests that it is impossible | to reliably distinguish software used in computer crime from that | used for these legitimate purposes. In fact, they are often | identical. | | Currently, article 6 of the draft treaty is vague regarding the use, | distribution, and possession of software that could be used to | violate the security of computer systems. We agree that damaging or | breaking into computer systems is wrong and we unequivocally support | laws against such inappropriate behavior. We affirm that a | goal of the | treaty and resulting legislation should be to permit the development | and application of good security measures. However, legislation that | criminalizes security software development, distribution and use | is counter to that goal, as it would adversely impact security | practitioners, researchers, and educators. | | Therefore, we respectfully request that the treaty drafters remove | section a.1 from article 6, and modify section b accordingly; the | articles on computer intrusion and damage (viz., articles 1-5) are | already sufficient to proscribe any improper use of security-related | software or information. | | Please do not hesitate to call on us for technical advice in your | future deliberations. | | Signed, | | | [** signatures, affiliations, and disclaimers deleted - still under | discussion **]