===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- www/security.html	1998/02/21 15:49:58	1.21
+++ www/security.html	1998/02/21 22:25:36	1.22
@@ -16,16 +16,16 @@
 
 <p>
 <h3><font color=#e00000><strong>OpenBSD Security Views</strong></font></h3>
+
 OpenBSD believes in strong security.  Our aspiration is to be NUMBER
-ONE in the industry for security.  Our open software development model
-permits us to take a more uncompromising view towards increased
-security than Sun, SGI, IBM, HP, or other vendors are able to.  We can
-make changes the vendors would not make.  Also, since OpenBSD is
-exported with cryptography software, we are able to take cryptographic
-approaches towards fixing security problems.
+ONE in the industry for security (if we are not already there).  Our
+open software development model permits us to take a more
+uncompromising view towards increased security than Sun, SGI, IBM, HP,
+or other vendors are able to.  We can make changes the vendors would
+not make.  Also, since OpenBSD is exported with <a href=crypto.html>
+cryptography software</a>, we are able to take cryptographic
+approaches towards fixing security problems.<p>
 
-<p>
-
 Like most readers of the
 <a href=http://www.geek-girl.com/bugtraq/index.html>
 BUGTRAQ mailing list</a>,
@@ -34,10 +34,8 @@
 experience shows that coding and release of proper security fixes
 typically requires about an hour of work resulting in very fast fix
 turnaround.  Thus we think that full disclosure helps the people who
-really care about security.
+really care about security.<p>
 
-<p>
-
 Our security auditing team typically has between six and twelve
 members, and most of us continually search for and fix new security
 holes. We have been auditing since the summer of 1997.  The process we
@@ -46,9 +44,8 @@
 just about every area of the system.  Entire new classes of security
 problems were found while we were doing the audit, and in many cases
 source code which had been audited earlier had to be re-audited with
-these new flaws in mind.
+these new flaws in mind.<p>
 
-<p>
 Another facet of our security auditing process is it's proactiveness.
 In almost all cases we have found that the determination of
 exploitability is not an issue.  During our auditing process we find
@@ -137,7 +134,7 @@
 <hr>
 <font size="-1">
 <em>This site Copyright &copy; 1996-1998 OpenBSD.</em><br>
-$OpenBSD: security.html,v 1.21 1998/02/21 15:49:58 deraadt Exp $
+$OpenBSD: security.html,v 1.22 1998/02/21 22:25:36 deraadt Exp $
 </font>
 
 </BODY>