RE: Proposal: CVE candidate/approved numbering scheme

To: "CVE (E-mail)" <cve-review@linus.mitre.org>
Subject: RE: Proposal: CVE candidate/approved numbering scheme
From: Russ <Russ.Cooper@rc.on.ca>
Date: Thu, 20 May 1999 12:26:43 -0400

>Just exactly why would you need CAN-numbers in bulk? The most
>vulnerabilities I've ever seens any one organization publish in
>a single day has been three or four.

Whenever a new CNA comes on board, they are likely to believe they will
have a number of Candidates that are not already in the CVE. They may
also prefer to have numbers ready in advance of a discovery just to
avoid having to pick them up one at a time. I am not imagining that
every CNA will want hundreds of numbers at their finger-tips, but their
internal mechanisms may dictate that they have some on hand.

It was just a suggetion to allow the mechanism to scale to any demand
rather than to assume they'll always be a one-to-one relationship
between discovery and picking up a CAN number.

Not crucial, just a nice-to-have.

Cheers,
Russ - NTBugtraq Editor

Prev by Date: Re: Proposal: CVE candidate/approved numbering scheme
Next by Date: Re: Proposal: CVE candidate/approved numbering scheme
Prev by thread: Re: Proposal: CVE candidate/approved numbering scheme
Next by thread: Re: Proposal: CVE candidate/approved numbering scheme
Index(es):
- Date
- Thread

Page Last Updated: May 22, 2007

Common Vulnerabilities and Exposures

RE: Proposal: CVE candidate/approved numbering scheme