[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CD PROPOSAL: EXCLUSION - Interim Decision 8/23



"Steven M. Christey" wrote:

> <SNIP>
>
> 2) It is not publicly known
>

Just a thought: Do we mean to preclude the CVE from being a forum of
initial announcement of a vulnerability?  My guess is that most CVE
entries would already be well known elsewhere, but what if we have
validated information of a previously unknown vulnerability?  Of course,
we could submit it to bugtraq or ntbugtraq, or whatever, and then enter
it.

OTOH, if your intent is that we will not have "secret" cve entries, fine,
say that.

Bill
begin:vcard 
n:Hill;William
tel;work:703-883-6416
x-mozilla-html:TRUE
org:The MITRE Corporation
adr:;;1820 Dolley Madison Blvd;McLean;VA;22102;
version:2.1
email;internet:bill@mitre.org
title:INFOSEC Engineer
fn:Bill Hill
end:vcard

S/MIME Cryptographic Signature


Page Last Updated or Reviewed: May 22, 2007