"Liguori, Anthony" <aligu...@amazon.com> writes: > I think this is a bit overkill. Many projects use private mailing > lists for this purpose.
I guess you're right on the average level of paranoia among people willing to report security issues, but I'm afraid you might be off on the 90th percentile. Besides, an encrypted option should be offered as a matter of general principle. Today more than ever.
