My impression is that the role of providing neutral ground for organizations like CERTs should/can be taken over by federations like EurOpen for Europe and the respective national groups like EurOpen.SE (Sweden), GUUG (Germany), NLUUG (The Netherlands) & UKUUG (United Kingdom) and the others. Would that really be a good idea? Those organisations are to my knowledge purely Unix oriented. They were. But times have changed and lots of organisations that have or refer to "Unix" in their name are now no longer focused only on that operating system. Would they be very interested in pursuing security problems with VAX/VMS, MS Windows and MacOS? I'd suggest you visit one of the conferences of the mentioned organisations. Then you'll see that they cover a broad range of issues outside those related to Unix alone. No, it has to be an independent organisation. Yes, it has to be an independent organisation. Actually, it shouldn't even be related to networking, but to *computing*! Computing by itself doesn't bring much risk. Computing with broken or "contaminated" software brings risks. Even more so does networking, since it's the ideal "carrier" for all risks related to computers in general. So the organisation really should be closely related to networking, or in close contact with an an organisation related to networking. Piet