[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: CD PROPOSAL: CATSPEC (Interim Decision 8/24)
- To: cve-editorial-board-list@lists.mitre.org
- Subject: RE: CD PROPOSAL: CATSPEC (Interim Decision 8/24)
- From: "Steven M. Christey" <coley@linus.mitre.org>
- Date: Wed, 18 Aug 1999 17:38:31 -0400 (EDT)
- Delivery-Date: Wed Aug 18 17:41:54 1999
- Sender: owner-cve-editorial-board-list@lists.mitre.org
Andre Frech and Stuart Staniford-Chen expressed some confusion with
the use and implications of this content decision.
Andre said, "It almost seems like the methodology can only improve the
content."
CATSPEC, along with DESC-UNIQ and DESC-LOOKUP and some of the content
decisions we'll vote on later, are related to the methodology with
which entries are placed into the CVE. While they don't have a direct
impact on any CVE vulnerabilities, I have listed them because:
- (a) they make very explicit *what* goes into the CVE, what it
looks like, and why
- (b) they will serve as guidance to anyone who submits a candidate,
as well as anyone who votes
- (c) I expect that they will allow shorthand descriptions of why a
candidate is rejected or modified
I believe that this openness is important since the CVE could be used
for a broad variety of applications. We want to allow someone to be
able to assess the high-level utility and applicability of the CVE for
their own needs, and tell them what to expect when they see it.
- Steve
- Prev by Date: Re: CD PROPOSAL: INCLUSION - Interim Decision 8/23
- Next by Date: Re: CD PROPOSAL: CATSPEC (Interim Decision 8/24)
- Prev by thread: Re: CD PROPOSAL: CATSPEC (Interim Decision 8/24)
- Next by thread: Re: CD PROPOSAL: CATSPEC (Interim Decision 8/24)
- Index(es):
