It struck me that interpretation of security issues are quite often
OS-specific.  That, coupled with the fact that security programs have to
be tuned slightly for your file system hierarchy, userlevel programs, etc.,
could be sufficient reason to form a list.

So far, security issues have been spread throughout tech-kern, current-users,
and probably a few others.

Ideally, there would be two lists, one for relevant announcements, and
one for discussion.

In particular, the announcements should be low-volume and there should
be a few people in charge of reading other specific security lists and
reporting relevant bits.

Comments?