firstname.lastname@example.org (spender chose not to be CC'd in the end)
> If you disagree with this policy,
i don't agree with it (nor with the secrecy and corresponding unaccountability of other lists
like the kernel security one)
> bring it up on vendor-sec, where it can be discussed and possibly changed.
it can be discussed, but it can't possibly be changed, and you know that full well. case in
point, you guys decided against letting in individual researchers on vendor-sec. how could you
possibly agree on opening up the same discussions these private researchers would have been
privy to then? obviously you will never do that and there's no point in having fake
discussions whose outcome has already been decided.