What do we expect from researchers who find security vulnerabilities? How should software firms respond to vulnerability disclosures? What do users want? Be part of the conversation, as we wrestle with the ethical, moral, technical, and practical issues from the perspectives of these three constituencies: researchers, vendors, and users. Bring your questions, concerns, and experiences to share.