Re: [COMPAT] Draft NIST Recommendation for CVE-Compatible Products
It's very nice to see the CVE come this far. Congratulations, Steve!
>The draft NIST recommendation for the usage of CVE-compatible products
>is available for commentary by February 18.
> The draft NIST recommendation "Use of the CVE Vulnerability Naming
> Scheme Within its Acquired Products and Information Technology
> Security Procedures" advises agencies on the use of the Common
> Vulnerability and Exposures (CVE) vulnerability naming scheme. It
> recommends that agencies give substantial consideration to buying
> products and services compatible with the CVE naming scheme. The
> recommendation also advises agencies to periodically monitor their
> systems for vulnerabilities listed in the CVE vulnerability naming
> scheme. Agencies are also advised to use the CVE naming scheme in
> their communications and descriptions of vulnerabilities. You are
> invited to submit any comments you may have to both Peter Mell and
> Timothy Grance at firstname.lastname@example.org and email@example.com by
> February 18, 2002.
Pascal Meunier, Ph.D., M.Sc.
Assistant Research Scientist,