[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: FW: Proposed Working group and workshop

I am interested as well.

-Harold

-----Original Message-----
From: owner-cve-editorial-board-list@lists.mitre.org 
[mailto:owner-cve-editorial-board-list@lists.mitre.org] On Behalf Of 
Art Manion
Sent: Friday, August 26, 2016 1:53 PM
To: Landfield, Kent B <kent.b.landfield@intel.com>; 
cve-editorial-board-list <cve-editorial-board-list@LISTS.MITRE.ORG>
Subject: Re: FW: Proposed Working group and workshop

On 2016-08-26 08:30, Landfield, Kent B wrote:

> So what do we want CVE to look like in 3-5 years?  How do we plan on 
> getting there?
> 
> On the Board call today I suggested we create a working group to try 
> to address some of those questions. This is a working group as 
> identified in the Charter. Instead of waiting weeks to get started, I 
> suggested we create the WG as an ad-hoc working group until the 
> Charter is approved and then we can ‘officially anoint’ it.

Sign me up.  Does this WG include the full board yet :) ?

On 2016-08-26 11:14, Williams, Ken wrote:
> Comprehensive CVE coverage of ALL vulnerabilities is a worthwhile 
> goal 
> to consider in such a WG.

Agree.

On 2016-08-26 12:02, Kurt Seifried wrote:
> Stupid Question but why are we being so stingy with CVEs? We should 
> be 
> handing them out like candy, and putting the "important" ones into 
> the 
> database (and accepting well formed database submissions from all).

Agree.

On 2016-08-26 08:30, Landfield, Kent B wrote:
> So what do we want CVE to look like in 3-5 years?  How do we plan on 
> getting there?

Some caution here:  3-5 years out in internet time is, IMO, not 
predictable.  I do think we can pick some direction/priorities, and 
make some design choices that should enable flexibility when the future 
arrives, but I'm not a fan of putting lots of effort into a 5 year plan 
we'll have to throw away in <2 years.

Regards,

 - Art
Page Last Updated or Reviewed: August 29, 2016