<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Franklin Gothic Book";
panose-1:2 11 5 3 2 1 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Dear CESG,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">AT various times we have talked about the expectation that the CCSDS mailing lists, at least some of them, are closed and therefore private to that group. This is a particular concern, I think, for the CESG and CMC discussions. We control
who can be added to those lists and also who can post to them. But it appears that this "privacy" is not really the case since the email list archives are open to being read by anyone at all.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">See the following notice from the Sec WG.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Also, see the CMC archives at <a href="https://mailman.ccsds.org/pipermail/cmc/">
https://mailman.ccsds.org/pipermail/cmc/</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I think we should probably suggest that the Secretariat do something about this.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regards, Peter<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:12.0pt;color:black">From:
</span></b><span style="font-size:12.0pt;color:black">Howie Weiss <Howard.Weiss@parsons.com><br>
<b>Date: </b>Friday, October 26, 2018 at 10:19 AM<br>
<b>To: </b>Peter Shames <Peter.M.Shames@jpl.nasa.gov><br>
<b>Cc: </b>"'Daniel.Fischer'" <Daniel.Fischer@esa.int>, Howie Weiss <Howard.Weiss@parsons.com><br>
<b>Subject: </b>Publicly Available CCSDS Mailing List Archives<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
</div>
<p class="MsoNormal" style="margin-left:.5in">Peter<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">I had an action item from the Security WG that I neglected to do at the SEA closing plenary which I now discovered when going through my notes to write up the meeting minutes.
<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">The concern is with the working group mailing list archives. Anyone, without any authorization, can read the archives. As a result, we have eliminated any potential for mailing list privacy. The mail is not just
available to the members of the mailing list – they are available to anyone world-wide.
<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">Here’s a screen shot of the CESG archive that I just viewed (and I can read any of the emails listed).
<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><img border="0" width="1345" height="1080" style="width:14.0104in;height:11.25in" id="Picture_x0020_1" src="cid:image001.png@01D46D22.DBECC570" alt="cid:image001.png@01D46D2E.69669240"><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">We believe that this must be fixed ASAP.<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">Regards<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">Howie<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in">----------<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:10.0pt">Howard Weiss</span></b><b><span style="font-size:9.0pt">,
</span></b><b><span style="font-size:8.0pt">CISSP</span></b><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:9.0pt">PARSONS, Inc.</span></b><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:9.0pt">7110 Samuel Morse Dr</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:9.0pt">Suite 200</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:9.0pt">Columbia, MD 21046</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:9.0pt">443-430-8089 (office)</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:9.0pt">443-494-9087 (cell)</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:9.0pt">443-430-8238 (fax)</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:10.0pt;font-family:"Franklin Gothic Book",serif">NOTICE: This email message and all attachments transmitted with it may contain privileged and confidential information, and information that
is protected by, and proprietary to, Parsons Corporation, and is intended solely for the use of the addressee for the specific purpose set forth in this communication. If the reader of this message is not the intended recipient, you are hereby notified that
any reading, dissemination, distribution, copying, or other use of this message or its attachments is strictly prohibited, and you should delete this message and all copies and backups thereof. The recipient may not further distribute or use any of the information
contained herein without the express written authorization of the sender. If you have received this message in error, or if you have any questions regarding the use of the proprietary information contained therein, please contact the sender of this message
immediately, and the sender will provide you with further instructions.<o:p></o:p></span></p>
</div>
</div>
</body>
</html>