<br><font size=2 face="sans-serif">VOIPSA Best Practices list,</font>
<br>
<br><font size=2 face="sans-serif">Welcome to the Best Practices project!
First off, may I just say a huge thank you to all of you for wanting
to help with this project. As the list admin, I've been watching
the subscription notices stream in and we're now up around 90 people. I
recognize many of you from the VOIPSEC mailing list, from Blue Box podcast
listeners, from conferences... but just as many I don't recognize... and
I look forward to working with you all.</font>
<br>
<br><font size=2 face="sans-serif">Thank you for your interest in helping.
The continued escalation of news reports about VoIP security as well
as increased postings to security lists only highlights how timely and
important this project is.</font>
<br>
<br><font size=2 face="sans-serif">I may be completely naive, but I honestly
don't think this will be an enormously long project. I think that
with the collective knowledge we have on this list, we can probably lay
out most if not all of the required best practices relatively quickly.
In fact, I think the thing that may take us the longest may be agreeing
on how to structure the document. I would like to think that this is a
project we can complete over the next couple of months, realizing that
the holidays are in here, of course. We'll see.</font>
<br>
<br><font size=2 face="sans-serif">But before I talk about the project,
let me just make a couple of points about my style and availability, given
that many/most of you have not worked with me before:</font>
<br>
<br><font size=2 face="sans-serif">1. As you'll see below, I've laid out
a *suggestion* for how I think things should be structured... but please
keep in mind that those are *suggestions*... I *very* much want to hear
your feedback and am definitely open to change.</font>
<br><font size=2 face="sans-serif">2. Please know that I am VERY open to
feedback/criticism/suggestions. I have a very thick skin and enough
self-confidence that I'm perfectly okay if you tell me an idea (or text)
of mine is very dumb. (Preferably being polite while doing so.) Please
do so... my objective is to get the best possible set of Best Practices
that we can- as quickly as we can... I'm not interested in having egos
(including my own) get in the way.</font>
<br><font size=2 face="sans-serif">3. Unfortunately I'm getting on a plane
Monday afternoon (Dec 4th, Eastern US time) heading to London, UK, where
I'll be through the end of the week (Dec 8th). There will be periods
where my email connectivity will be limited and, of course, my Verizon
blackberry will not work for email there. (The perils of living in
Burlington, Vermont, where GSM coverage is limited.) <br>
It would actually be far better for me to wait a week to launch this project,
but I very much want to get it moving so that we can get some work done
before the holiday break. <br>
I'll be back in the office Dec 11th and don't expect to be travelling after
that until late January.</font>
<br>
<br><font size=2 face="sans-serif">So on to the project. If you go
to the main project page in the VOIPSA wiki:</font>
<br>
<br><font size=2 face="sans-serif"> http://wiki.voipsa.org/tiki-index.php?page=BestPracticesHome</font>
<br>
<br><font size=2 face="sans-serif">you will see that tonight I've created
the following pages:</font>
<br>
<br><font size=2 face="sans-serif">- A proposed development process and
document structure: http://wiki.voipsa.org/tiki-index.php?page=Development+Process</font>
<br><font size=2 face="sans-serif">- A list of proposed volunteer roles:
http://wiki.voipsa.org/tiki-index.php?page=Volunteer+Opportunities%2FTeam+Structure</font>
<br><font size=2 face="sans-serif">- Examples of generic best practice
statements: http://wiki.voipsa.org/tiki-index.php?page=Examples+of+Best+Practices</font>
<br><font size=2 face="sans-serif">- References to other "Best Practices"
documents: http://wiki.voipsa.org/tiki-index.php?page=Best+Practices+References+</font>
<br>
<br><font size=2 face="sans-serif">What I would be most interested in feedback
on over the next week is the following:</font>
<br>
<br><font size=2 face="sans-serif">1. Can anyone point to other Best Practices
documents that we can add to the reference page? They need to be
publicly available (i.e. not requiring registration) so that people can
see them.</font>
<br><font size=2 face="sans-serif">2. What do people think about how we
should best structure the document? (See my notes on the Development
Process page.)</font>
<br><font size=2 face="sans-serif">3. Do you agree with what I identified
as the target audience? </font>
<br><font size=2 face="sans-serif">4. I've identified about 10 potential
volunteer roles... do you agree with my thoughts? </font>
<br><font size=2 face="sans-serif">5. If so, anyone already willing
to step forward and say how they'll contribute?</font>
<br><font size=2 face="sans-serif">6. Any thoughts on the questions I raise
at the bottom of the Development Process page?</font>
<br>
<br><font size=2 face="sans-serif">Two final notes:</font>
<br>
<br><font size=2 face="sans-serif">- Like other VOIPSA lists, this one
is set so that, with most mail clients, if you just hit Reply your message
will go back to only the *sender*. If you want it to go back to the
list, you'll need to do "Reply to All".</font>
<br><font size=2 face="sans-serif">- This mailing list has a *public* message
archive and the wiki is entirely public, so please just do realize that
everything you send on this list or add to the wiki is visible to anyone
on the Internet.</font>
<br>
<br><font size=2 face="sans-serif">With that, I'll again say thank you
for joining this project and I look forward to working with all of you
to make it happen. If you have any questions about all of this, please
do feel free to email or call.</font>
<br>
<br><font size=2 face="sans-serif">Thank you,</font>
<br><font size=2 face="sans-serif">Dan</font>
<br>
<br><font size=2 face="sans-serif">-- <br>
Dan York, CISSP<br>
Dir of IP Technology, Office of the CTO<br>
Mitel Corp. http://www.mitel.com<br>
dan_york@mitel.com +1-613-592-2122<br>
PGP key (F7E3C3B4) available for <br>
secure communication<br>
<br>
</font>