[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Level of Abstraction Issue: Similar Applications, "Same" Vulnerability
- To: cve-review@linus.mitre.org
- Subject: Re: Level of Abstraction Issue: Similar Applications, "Same" Vulnerability
- From: "Steven M. Christey" <coley@linus.mitre.org>
- Date: Tue, 29 Jun 1999 18:32:19 -0400 (EDT)
Aleph One said: >On Tue, Jun 29, 1999 at 04:36:08PM -0500, Gene Spafford wrote: >> If everyone agrees with you, then write up a decision proceedure, and >> we move on. > >I am not running this show ;) I know, I know, *I'm* running this show ;-) I think this conversation has been productive, though I doubt we'll all obtain full agreement given how today's discussions are going ;-) There are clearly two camps. I'd like the IDS experts to weigh in with their opinion (Kent, Stuart, Steve?). Then I'll attempt to gather everyone's comments and "induce" a well-defined rule set for this particular content decision. I believe that as long as content decisions such as these are well-defined and defensible, and applied as consistently as possible, then the CVE will have gone as far as it can to reflect "consensus." We can document these debates we're having for further review by others (whether through public logs of these messages, or some other means). - Steve
- Prev by Date: RE: Question about CVE to vendor mappings
- Next by Date: Re: Question about CVE to vendor mappings
- Prev by thread: Re: Level of Abstraction Issue: Similar Applications, "Same" Vulnerability
- Next by thread: INTERIM DECISION: ACCEPT 16 candidates from MODIFY-01 cluster
- Index(es):
