[CVEPRI] Important changes to CVE candidates and voting
In light of recent discussions, especially those at the last Editorial
Board meeting, the following changes to CVE candidates and the voting
process are being made. These changes begin with the next round of
new candidates, which will be proposed tomorrow.
1) Each candidate has a special "Analysis" slot that provides analysis
and commentary that came out of the submission stage, i.e. the
conversion of raw data into candidates. Included in the analysis
are the affected content decisions and reasons why the content
decisions apply. (See below).
Analysis results will not be available on the public web site for
the moment, due to engineering requirements. However, the
Editorial Board voting site will include these, as will each
proposal to the Board mailing list. Analysis results will be made
available to the public at a later date.
2) The voting ballots that are sent to the mailing list now include an
additional field, ACCEPT_REASON. If you ACCEPT or MODIFY a
candidate, you should provide a reason in this field. These
reasons mirror those that are on the voting web site.
3) Based on feedback from the Editorial Board over the past few
months, content decisions will now be treated as high-level
guidance instead of hard-and-fast rules. As Board members ACCEPT
various candidates, any related CD's will be annotated to include
those candidates as precedents. Those precedents in turn will
guide the application of CD's for later candidates. However, the
Board will be given the freedom to override the guidance in the
CD's. The CVE Editor (i.e. me) and the rest of the CVE content
team will do its best to ensure consistency in the application of
The Analysis field provides a high-level description of each CD and
why they apply to that particular candidate. This will help
address some Board members' concerns that not enough concrete,
specific examples have been provided in the past.
If you ABSTAIN or NOOP a lot, but you care about content decisions,
then you should still view the affected candidates and comment if
necessary. You can find affected candidates via string search in
the initial ballots that are posted to the Editorial Board mailing
list, or in the "Interesting candidates" sections on the voting web
site. Further enhancements to the voting web site are expected to
4) Content decisions will be made available on the voting web site at
a later date. Most CD's, however, have been discussed on this
list, so voters would already be aware of the surrounding issues.
5) All older candidates that are affected by CD's will be annotated
with an Analysis field accordingly and re-introduced to Board
members, whether in the form of customized ballots for individual
members, or by re-proposal to the whole Board.
6) Participating Board members have almost unanimously advocated a
"split-by-default" approach when there is insufficient information
to determine whether a single candidate or multiple candidates
should be created. This is being implemented accordingly.
7) After proposal to the Board and upload to the CVE web site, all
newly created candidates will be posted to the cve-data-update
mailing list so that non-Board consumers of candidates can receive
timey updates of candidate information.
Feedback, as usual, is welcome.