[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[VOTES] Sample voting page for a single candidate


Below is a sample voting page for a single candidate.

A vote is selected via a menu that is presented at the bottom of the
page.  Each vote also includes a basic reason for why the Board member
voted a particular way.  The specific reasons may not ever become
public, but it will help us to learn how people vote, and it will help
MITRE when interpreting the voting rules.  For example: if a candidate
has 3 ACCEPTs but no vendor acknowledgement, we may wish to wait a
little longer to see if any new information arises; but if a member
has ACCEPTed a candidate because they've reproduced the problem
themselves, that may make it easier for MITRE to ACCEPT the candidate
without further review.

The web site will also include a record of who has sent in new votes
(see the "New Votes" section in this voting page).  The "New Votes"
section allows Board members to see other people's votes as soon as
they are made.  Periodically, these new votes will be imported into
the official voting record for that candidate, which is stored offline
from the web site.

- Steve

<META http-equiv="Content-Type"
      content="text/html; charset=ISO-8859-1">
<title>Voting for CAN-2000-0449</title>
<body bgcolor=FFFFFF>


<b><font size=+2>VOTER: christey</font></b>
<b>Proposed:</b> 2000-06-15
<b>Current phase:</b> Proposed (20000615)
<b>Cluster:</b> RECENT-21

<b>INFERRED ACTION:</b> MOREVOTES-1 (2 accept, 0 ack, 0 review) HAS_CDS




<table border=2 cellpadding=2>
<td>Description<td>Omnis Studio 2.4 uses weak encryption (trivial encoding) for
encrypting database fields.

<td>References<td><ul><li>BUGTRAQ:20000525 Omnis Weak Encryption - Many products affected
<li><a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2000-05/0311.html">http://archives.neohapsis.com/archives/bugtraq/2000-05/0311.html</a>
<li><a target="_blank" href="http://www.securityfocus.com/bid/1255">http://www.securityfocus.com/bid/1255</a>

<td>Votes<td>      ACCEPT(1) Levy<br>
   MODIFY(1) Frech<br>
   NOOP(2) Wall, Cole<br>

<td>Comments<td> <b> Frech&gt;</b> XF:omnis-studio-weak-encryption<br>

<td>Content Decisions
<a href="http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CD:DESIGN-WEAK-ENCRYPTION">- DESIGN-WEAK-ENCRYPTION<br></a>




<h1>New Votes</h1>

<i>New votes are archived and processed offline by MITRE.</i><p>

<font color=0000AA><hr><b>christey:</b><br>(2000/06/19 20:57 GMT)<p>
<u>REJECT</u> <i>NOT-REAL</i>
<p><i>Sample REJECT vote - this is not a real vote!

<hr><b>blake:</b><br>(2000/06/19 20:59 GMT)<p>
<p><i>** EXAMPLE VOTE - not really Scott Blake ** <p>
Followups are
inconclusive, so there is not enough independent confirmation for me
to ACCEPT this yet.

<hr><b>magdych:</b><br>(2000/06/19 21:00 GMT)<p>
<u>ACCEPT</u> <i>SELF-VERIF</i>

<p><i>** EXAMPLE VOTE - not really Jim Magdych **  <p>Reproduced in our
labs.  </i>




<form method="GET" ACTION="EXAMPLE.cgi">



<font color=FF0000>Warning: Your comments and votes will be publicly
recorded on the CVE web site.</font><p>

<textarea name=comments rows=5 cols=70></textarea>


<table border=2 cellpadding=2>

<td><b>Voter Name</b>
<font color=FF0000>christey</font>
<select name=vote>
<option value="NOVOTE">-- Select Vote Here --
<option value="VOTED">-- Already Voted --
<option value="NOVOTE">-------------
<option value="ACCEPT VENDOR">ACCEPT - Vendor confirmed
<option value="ACCEPT TRUSTED">ACCEPT - Announced or verified by trusted party
<option value="ACCEPT INDEP">ACCEPT - Independent confirmation
<option value="ACCEPT SELF-VERIF">ACCEPT - Verified by me or my organization
<option value="ACCEPT OTHER">ACCEPT - Other
<option value="NOVOTE">-------------
<option value="MODIFY DESC">MODIFY - Change description
<option value="MODIFY REFS">MODIFY - Change references
<option value="MODIFY OTHER">MODIFY - Other
<option value="NOVOTE">-------------
<option value="NOOP EXPER">NOOP - Not my area of expertise
<option value="NOOP ABSTAIN">NOOP - Abstain from voting
<option value="NOOP OTHER">NOOP - Other
<option value="NOVOTE">-------------
<option value="REVIEWING RESEARCH">REVIEWING - Researching the problem
<option value="REVIEWING NONBIND">REVIEWING - Non-binding review
<option value="REVIEWING OTHER">REVIEWING - Other
<option value="NOVOTE">-------------
<option value="RECAST SPLIT">RECAST - Split into multiple candidates
<option value="RECAST MERGE">RECAST - Merge into a single candidate
<option value="RECAST OTHER">RECAST - Other
<option value="NOVOTE">-------------
<option value="REJECT DUPE">REJECT - Duplicate
<option value="REJECT NOT-REAL">REJECT - Problem report is false
<option value="REJECT NOT-CVE">REJECT - Should not be in CVE
<option value="REJECT VENDOR">REJECT - Vendor rejects - SOFTWARE VENDORS ONLY!
<option value="REJECT OTHER">REJECT - Other



<input type=hidden name=name value="CAN-2000-0449">
<input type=hidden name=cluster value="RECENT-21">

<input type=submit value="SUBMIT">



Page Last Updated: May 22, 2007