From mboxrd@z Thu Jan  1 00:00:00 1970
From: George Dunlap <George.Dunlap@eu.citrix.com>
Subject: Re: Security policy ambiguities - XSA-108 process
	post-mortem
Date: Thu, 9 Oct 2014 12:24:11 +0100
Message-ID: <CAFLBxZbhmNfaGkYzR9dXB1J2=Vx4qyn=T2NR9Vufu2exy_PW1w@mail.gmail.com>
References: <21557.24142.873029.148164@mariner.uk.xensource.com>
	<21557.50031.783473.873273@chiark.greenend.org.uk>
	<A104B0B6-C528-49EA-8460-A333DD1B0587@gmail.com>
	<21558.22370.175292.5524@chiark.greenend.org.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta3.messagelabs.com ([195.245.230.39])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <dunlapg@gmail.com>) id 1XcBpN-0003WH-2D
	for xen-devel@lists.xenproject.org; Thu, 09 Oct 2014 11:24:13 +0000
Received: by mail-wi0-f171.google.com with SMTP id em10so12733572wid.16
	for <xen-devel@lists.xenproject.org>;
	Thu, 09 Oct 2014 04:24:11 -0700 (PDT)
In-Reply-To: <21558.22370.175292.5524@chiark.greenend.org.uk>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Ian Jackson <ijackson@chiark.greenend.org.uk>
Cc: Lars Kurth <lars.kurth.xen@gmail.com>, xen-devel <xen-devel@lists.xenproject.org>
List-Id: xen-devel@lists.xenproject.org

T24gVGh1LCBPY3QgOSwgMjAxNCBhdCAxMDozNyBBTSwgSWFuIEphY2tzb24KPGlqYWNrc29uQGNo
aWFyay5ncmVlbmVuZC5vcmcudWs+IHdyb3RlOgo+IExhcnMgS3VydGggd3JpdGVzICgiUmU6IFtY
ZW4tZGV2ZWxdIFNlY3VyaXR5IHBvbGljeSBhbWJpZ3VpdGllcyAtIFhTQS0xMDggcHJvY2VzcyBw
b3N0LW1vcnRlbSIpOgo+PiBPbiA4IE9jdCAyMDE0LCBhdCAxNjowNiwgSWFuIEphY2tzb24gPGlq
YWNrc29uQGNoaWFyay5ncmVlbmVuZC5vcmcudWs+IHdyb3RlOgo+PiA+IE15IHZpZXcgaXMgdGhh
dCB0aGUgcG9saWN5IHNob3VsZCBiZSBjbGFyaWZpZWQgdG8gcGVybWl0IGRlcGxveW1lbnQKPj4g
PiBkdXJpbmcgZW1iYXJnby4gIEkgc2VlIG5vIHByYWN0aWNhbCByZWFzb24gZm9yIHByZXZlbnRp
bmcgaXQuCj4+Cj4+IEkgYWdyZWUuIElmIHdlIGRpZG7igJl0IGFsbG93IGRlcGxveW1lbnQgZHVy
aW5nIGFuIGVtYmFyZ28gYSBsb3QgbW9yZQo+PiB1c2VycyB3b3VsZCBiZSBhdCByaXNrLgo+Pgo+
PiBIb3dldmVyLCBpbiB0aGlzIGNvbnRleHQgd2UgZG8gbmVlZCB0byBsb29rIGF0IGEgbnVtYmVy
IG9mIHF1ZXN0aW9uczoKPj4KPj4gYSkgUmlzayBvZiBzb21lb25lIHJldmVyc2UgZW5naW5lZXJp
bmcgdGhlIHZ1bG5lcmFiaWxpdHkgZHVyaW5nCj4+IGRlcGxveW1lbnQuCj4KPiBUaGlzIGlzIHdo
YXQgbXkgY2F2ZWF0IGlzIGludGVuZGVkIHRvIGFkZHJlc3MuCgpUaGF0J3Mgbm90IGhvdyBJIHVu
ZGVyc3Rvb2QgeW91ciBjYXZlYXQgKGFzc3VtaW5nIHlvdSBtZWFuCiIuLi5QUk9WSURFRCBUSEFU
IGFueSBhY3Rpb24gdGFrZW4gYnkgdGhlIHNlcnZpY2UgcHJvdmlkZXIgZ2l2ZXMgbm8KaW5kaWNh
dGlvbiAodG8gdGhlaXIgdXNlcnMgb3IgYW55b25lIGVsc2UpIGFzIHRvIHRoZSBuYXR1cmUgb2Yg
dGhlCnZ1bG5lcmFiaWxpdHkuIikKCkp1c3QgdG8gYmUgY2xlYXIgd2hhdCBJJ20gdGFsa2luZyBh
Ym91dCAoYW5kIHdoYXQgSSB0aGluayBMYXJzIGlzCnRhbGtpbmcgYWJvdXQpOiBTYXkgdGhhdCB0
aGVyZSB3YXMgYSBmaXggdGhhdCB3YXMgZXhwZWN0ZWQgdG8gaGF2ZQpub3RpY2VhYmxlIGVmZmVj
dHMgb24gZXhpc3RpbmcgZnVuY3Rpb25hbGl0eSAtLSBmb3IgZXhhbXBsZSwgYnJlYWtpbmcKY2Vy
dGFpbiAob2JzY3VyZSBidXQgb2NjYXNpb25hbGx5IHVzZWQpIGNvbmZpZ3VyYXRpb25zLCBvciBo
YXZpbmcgYQptZWFzdXJhYmxlIHBlcmZvcm1hbmNlIGltcGFjdCBvbiBjZXJ0YWluIG5vdC11bmNv
bW1vbiB3b3JrbG9hZHMuICBUaGlzCm1pZ2h0IGNsdWUgdGhlIGF0dGFja2VyIGluIHRvIHdoYXQg
Y29kZSB0byBhdWRpdCB0byB0cnkgdG8gZmluZCB0aGUKdnVsbmVyYWJpbGl0eS4KCkZvciBvbmUs
IHlvdXIgY2F2ZWF0IGlzIHByZXR0eSBhbWJpZ3VvdXM6IG1hbnkgcGVvcGxlIHRvb2sgQW1hem9u
J3MKcmVib290aW5nIHRvIG1lYW4gdGhhdCBpdCB3YXMgYSByZWFsbHkgc2VyaW91cyB2dWxuZXJh
YmlsaXR5IChpLmUuLApwcml2aWxlZ2UgZXNjYWxhdGlvbikuICBJbiB0aGlzIGNhc2UgdGhhdCB0
dXJuZWQgb3V0IHRvIGJlIHdyb25nLCBidXQKd2hhdCBpdCBpZiAqaGFkKiBiZWVuIGZvciBhIGJ1
ZyBsaWtlIFhTQS03PyAgV291bGQgdGhhdCBjb25zdGl0dXRlCiJnaXZpbmcgaW5kaWNhdGlvbiBh
cyB0byB0aGUgbmF0dXJlIG9mIHRoZSB2dWxuZXJhYmlsaXR5Ij8KCkZvciB0d28sIEkgd291bGQg
aGF2ZSBpbnRlcnByZXRlZCB0aGlzIGFib3V0IG90aGVyIGFjdGlvbnMgc3Vycm91bmRpbmcKdGhl
IGRlcGxveW1lbnQsIG5vdCBhY3R1YWxseSB0aGUgZGVwbG95bWVudCBpdHNlbGYuCgpJIHRoaW5r
IHRoYXQgdGhlIHNlY3VyaXR5IHRlYW0gc2hvdWxkIGF0dGVtcHQgdG8gZGV0ZXJtaW5lIHdoZXRo
ZXIKcHJlLWRpc2Nsb3N1cmUgZGVwbG95bWVudCBtaWdodCBnaXZlIGF3YXkgdG9vIG11Y2ggaW5m
b3JtYXRpb24sIGFuZApzcGVjaWZpY2FsbHkgc2F5IGluIGVhY2ggYWR2aXNvcnkgd2hldGhlciBl
YXJseSBkZXBsb3ltZW50IGlzIGFsbG93ZWQKb3Igbm90LCBwb3RlbnRpYWxseSB3aXRoIHNwZWNp
ZmljYXRpb25zIGFib3V0IHdoYXQga2luZCBvZiBkZXBsb3ltZW50cwp3aWxsIGJlIGFsbG93ZWQg
KGlmIG5lY2Vzc2FyeSkuICBNb3N0IG9mIHRoZSB0aW1lIHRoaXMgd2lsbCBqdXN0IGJlLAoiUmVi
b290aW5nIHNlcnZlcnMgdG8gZGVwbG95IHRoaXMgZml4IGlzIGFsbG93ZWQiLCBidXQgaXQgbGVh
dmVzIHRoZQpvcHRpb24gb3BlbiB0byBjaGFuZ2UgaXQgaWYgbmVjZXNzYXJ5LgoKIC1HZW9yZ2UK
Cl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fClhlbi1kZXZl
bCBtYWlsaW5nIGxpc3QKWGVuLWRldmVsQGxpc3RzLnhlbi5vcmcKaHR0cDovL2xpc3RzLnhlbi5v
cmcveGVuLWRldmVsCg==