[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Candidate numbering scheme
- To: cve-review@linus.mitre.org
- Subject: Re: Candidate numbering scheme
- From: "Steven M. Christey" <coley@linus.mitre.org>
- Date: Thu, 13 May 1999 16:10:37 -0400 (EDT)
>| CAN-<id>-YYYYMMDDn >| where <id> is an "official" ID that identifies the proposer, YYYYMMDD >| is the year/month/date, and "n" separates multiple vulnerabilities >| that the proposer um, proposes on the same date. The benefit of the >| date in the ID is that we can immediately see which candidates are >| getting "old." In the short term, the proposer could take the >| responsibility for ensuring that their number is unique, and the >| encoded date helps that. > >If N will become the CVE-N, I think this will work fine. Otherwise, >we need to add references to CAN-NETECT-19990514A to CVE-00666 to >reference the discussion that lead to its acceptance. I don't think we would be able to guarantee that any "n" would become CVE-N. When the "official" decision is announced for including a candidate into the CVE, it can link the candidate number(s) and the associated CVE numbers. A "summary" of outstanding candidates could be posted on a semi-regular basis. To ease sorting, perhaps it would be better to have the date appear earlier in the format, e.g. CAN-19990514-NETECT-A - Steve
- Prev by Date: Re: Candidate numbering scheme
- Next by Date: RE: Candidate numbering scheme
- Prev by thread: Re: Candidate numbering scheme
- Next by thread: RE: Candidate numbering scheme
- Index(es):
