[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Candidate numbering scheme
- To: cve-review@linus.mitre.org
- Subject: RE: Candidate numbering scheme
- From: Craig Ozancin <cozancin@axent.com>
- Date: Mon, 17 May 1999 12:36:05 -0400
All, Having done some serious traveling last week I was somewhat brain dead when I made my last posts. I have given the candidate numbering scheme some thought. 1. We definitely need the candidate numbering scheme. It give the steering committee a common reference to the vulnerability. 2. If these number are public, how will be get people to stop using them when vulnerabilities are accepted and given a real CVE number. Once some starts referring to a candidate number, they are likely to continue to refer to that number even after the it receives a official CVE number. 3. If the vulnerability is not made public until an official CVE number is assigned, we will miss out on the discussions/validations that an open public forum will give us. These are just my current thoughts. I think that the CVE is a great step in the right direction. Craig Ozancin AXENT Technologies
- Follow-Ups:
- RE: Candidate numbering scheme
- From: Gene Spafford <spaf@cs.purdue.edu>
- RE: Candidate numbering scheme
- Prev by Date: RE: Candidate numbering scheme
- Next by Date: Tool Mapping Update
- Prev by thread: RE: Candidate numbering scheme
- Next by thread: RE: Candidate numbering scheme
- Index(es):
