There is no point in having the special process if a
contributor refuses or doesn't agree with the
confidentiality terms.
Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
The security team develops and obtains (private) reviews for patches
that fix the vulnerability. If necessary, the security team pulls in
-additional developers, who should be asked to maintain
-confidentiality.
+additional developers, who must agree to maintain confidentiality.
Step 4: Embargoed Disclosure