-\define{versionidfeedback} \versionid $Id$
-
\A{feedback} \ii{Feedback} and \i{bug reporting}
This is a guide to providing feedback to the PuTTY development team.
actually need it, and only one of us needs to download it instead of
it being automatically copied to all the developers.
+(If the file contains confidential information, then you could encrypt
+it with our Secure Contact Key; see \k{pgpkeys-pubkey} for details.)
+
Some people like to send mail in MS Word format. Please \e{don't}
send us bug reports, or any other mail, as a Word document. Word
documents are roughly fifty times larger than writing the same
\b \W{news:comp.terminals}\c{comp.terminals}, for issues relating to
terminal emulation (for instance, keyboard problems).
+Please use the newsgroup most appropriate to your query, and remember
+that these are general newsgroups, not specifically about PuTTY.
+
If you don't have direct access to Usenet, you can access these
newsgroups through Google Groups
(\W{http://groups.google.com/}\cw{groups.google.com}).
documentation could usefully have told you that, send us a bug
report and explain how you think we should change it.
+\H{feedback-vulns} Reporting security vulnerabilities
+
+If you've found a security vulnerability in PuTTY, you might well want
+to notify us using an encrypted communications channel, to avoid
+disclosing information about the vulnerability before a fixed release
+is available.
+
+For this purpose, we provide a GPG key suitable for encryption: the
+Secure Contact Key. See \k{pgpkeys-pubkey} for details of this.
+
+(Of course, vulnerabilities are also bugs, so please do include as
+much information as possible about them, the same way you would with
+any other bug report.)
+
\H{feedback-features} Requesting extra features
If you want to request a new feature in PuTTY, the very first things
(If you want to distribute PuTTY alongside your own application for
use with that application, or if you want to distribute PuTTY within
-your own organisation, then we recommend you offer your own
-first-line technical support, to answer questions about the
-interaction of PuTTY with your environment. If your users mail us
-directly, we won't be able to tell them anything useful about your
-specific setup.)
+your own organisation, then we recommend, but do not insist, that
+you offer your own first-line technical support, to answer questions
+about the interaction of PuTTY with your environment. If your users
+mail us directly, we won't be able to tell them anything useful about
+your specific setup.)
If you want to use parts of the PuTTY source code in another
program, then it might be worth mailing us to talk about technical
details, but if all you want is to ask permission then you don't
need to bother. You already have permission.
+If you just want to link to our web site, just go ahead. (It's not
+clear that we \e{could} stop you doing this, even if we wanted to!)
+
\H{feedback-mirrors} Mirroring the PuTTY web site
-Mirrors of the PuTTY web site are welcome, especially in regions not
-well covered by existing mirrors. Please don't bother asking us for
-permission before setting up a mirror. You already have permission. We
-are always happy to have more mirrors.
+\# the next two paragraphs also on the Mirrors page itself, with
+\# minor context changes
+
+If you want to set up a mirror of the PuTTY website, go ahead and
+set one up. Please don't bother asking us for permission before
+setting up a mirror. You already have permission.
+
+If the mirror is in a country where we don't already have plenty of
+mirrors, we may be willing to add it to the list on our
+\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html}{mirrors
+page}. Read the guidelines on that page, make sure your mirror
+works, and email us the information listed at the bottom of the
+page.
+
+Note that we do not \e{promise} to list your mirror: we get a lot of
+mirror notifications and yours may not happen to find its way to the
+top of the list.
-If you mail us \e{after} you have set up the mirror and checked that
-it works, and remember to let us know which country your mirror is in,
-then we'll add it to the
-\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html}{Mirrors
-page} on the PuTTY website.
+Also note that we link to all our mirror sites using the
+\c{rel="nofollow"} attribute. Running a PuTTY mirror is not intended
+to be a cheap way to gain search rankings.
If you have technical questions about the process of mirroring, then
you might want to mail us before setting up the mirror (see also the
projects / PuTTY.git / blobdiff