>
> One other thing that occurs to me is that the webpages still need
> a little bit of work, any suggestions people have would be appreciated.
Some comments:
- The pages are difficult to find if starting from the index (in order to
get to the tools page I had to go Index->FAQ->Auditing Overview->Tools
- The pages are too spread out with only tidbits of information in each
page instead of having a single page with a lot of information and
appropiate headers to make it easy to jump to one place or another
- I disgress regarding the recommendation to _not_ use the BTS. IT might
make sense to use the BTS when reporting bugs related to versions that are
not present on unstable and don't require a DSA themselves. For example
consider #249613.
[Note: I'm not really an example on how to do this since I should have
reported #249616 to the Security Team first]
- I miss a link to the open security bugs, prospective auditors could be
forwarded also to http://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=security
and ask them to _help_ fix bugs or take a look at open bugs.
- A list of common bugs found and pointers on how to fix them?
For example: race conditions, buffer overflows...
- References to other (active) audit teams (like OpenBSD's, I believe that
Sardonix is almost dead, but not completely)
Just my 2c
Regards
Javier