CIPP-L Usage Policy

1.0 Administrivia

1.1 Charter of the CIPP-L Mailing List

1.1.1 What is CIPP-L?

The CIPP-L mailing list is meant to provide a common forum to discuss security concepts, ideas, theories pertaining to ‘critical infrastructure protection’. This includes, but is not limited to, companies and/or organizations who represent end-user communities utilizing said technologies or architectures, government personnel (local, state, and federal), IT security professionals, SCADA security professionals, homeland security professionals, development organizations (vendors who provide the technology to SCADA), and more. This list is designed for people who are not necessarily security experts. As such, it is also an excellent resource for the beginner who wants a non-threatening place to learn the ropes.

1.1.2 What is appropriate content?

The following are what topics are allowed and/or should be posted to the CIPP-L mailing list:

• Tips on ‘critical infrastructure protection’ issues.
• Affordable software solutions that is non-commercial (no advertising).
• Affordable hardware solutions that is non-commercial (no advertising).
• Security patches for commonly used software or hardware.
• Security policies for infrastructure businesses and sectors.
• Visionary or future direction of CIP.

1.1.3 What is inappropriate content?

The following will *not* be tolerated on the CIPP-L mailing list; failure to comply will result in the offending party’s removal:

• Announcement of security vulnerabilities in technical detail.
• Any announcements where US/ICS-CERT or DHS have NOT been notified.
• Vulnerability announcements where notification has NOT been given.
• Product advertisements.
• Discussion of advanced security issues in technical detail.
• Non-CIP/non-computer security related material.
• Slanderous commentary in a public venue of any nature.

1.1.4 Can I mention about my conference?

We encourage the open distribution of information to the user community. However, due to the commercial aspect that a conference implies, we try and limit the amount of times that a conference organizer may announce to the CIPP-L mailing list, and therefore will allow a maximum of only TWO (2) ANNOUNCEMENT for each conference: one announcement posting to provide the general membership with the public announcement to the conference, and one announcement posting to provide any updates or last-minute information about the conference.

1.1.5 Is the list moderated?

Normally, no; however, the list can (and will be) from time to time “temporarily moderated” to prevent “flame wars”. This is at the discretion of both the list owners, and of the moderators.

1.1.6 Who are the list moderators?

CIPP Administrator (

The moderators are all representative of varying degrees of expertise, and welcome comments at any time.

1.2 History of CIPP-L

1.2.1 When was CIPP-L created?

CIPP-L was initially created on Monday, the 3th of April, 2006 by Tammy Olk as its founder.

1.2.2 Was the original charter always this way?

Yes, the original charter was to share and promote information exchange. Unfortunately, because of integration issues, tempers do flare (sometimes), and the varying parties need to understand that this is a common ground for meeting, sharing and exchanging ideas, philosophies, and more.

1.3 List Management

1.3.1 How do I subscribe to the CIPP-L mailing list?

Via your web browser, visit our web site at:

Please enter your name, email address, and you will receive a confirmation within 5-10 minutes. One of the moderators will acknowledge your wanting to join CIPP-L, and will acknowledge when time is available, your acceptance into the mailing discussion group.

1.3.2 How do I unsubscribe from the CIPP-L mailing list?

Via your web browser, visit our web site at:

1.3.3 How do I disable mail delivery temporarily?

Unsubscribe from the list and re-subscribe to start receiving mailing list traffic again. Also, if we receive too many bounce-back messages from a particular email address, that address may be either “temporarily disabled”, or unsubscribed entirely by one of the moderators.

1.3.4 Is the list available in a digest format?

Yes, the digested form of the list is made available 1-2 times daily, depending on the amount of email traffic ingested.

1.3.5 How do I subscribe to the digest?

Same method as subscribing, only select “Digest ONLY”.

1.3.6 How do I unsubscribe from the digest?

Same method as outlined in Section 1.3.2.

1.3.7 I seem to not be able to unsubscribe — what is going on?

You are probably subscribed from a different address than that from which you are sending commands to the list from. Either send email from the appropriate address or email the list owner, CIPP Administrator ( to be unsubscribed manually.

1.3.8 Disclaimer Statement for Usage of the CIPP-L mailing list

DISCLAIMER: Any and all relevant discussions, postings, or otherwise, outlined, shared or distributed on the CIPP-L mailing list are the responsibility of the originating and/or corresponding author and/or posting party, and shall in no way, hold either the list owner, Infracritical, or any of the moderators, responsible, accountable, liable whatsoever. The CIPP-L mailing list discussion forum is provided for the benefit of everyone associated with and/or participating to discussions that pertain to or are relevant to CIP security discussions thereof.