[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Candidate numbering scheme

To: cve-review@linus.mitre.org
Subject: RE: Candidate numbering scheme
From: Craig Ozancin <cozancin@axent.com>
Date: Mon, 17 May 1999 12:36:05 -0400

All,

Having done some serious traveling last week I was somewhat brain dead when
I made my last posts.

I have given the candidate numbering scheme some thought.

1. We definitely need the candidate numbering scheme. It give the steering
committee a common reference to the vulnerability.

2. If these number are public, how will be get people to stop using them
when vulnerabilities are accepted and given a real CVE number. Once some
starts referring to a candidate number, they are likely to continue to refer
to that number even after the it receives a official CVE number.

3. If the vulnerability is not made public until an official CVE number is
assigned, we will miss out on the discussions/validations that an open
public forum will give us.

These are just my current thoughts. I think that the CVE is a great step in
the right direction. 

Craig Ozancin
AXENT Technologies

Follow-Ups:
- RE: Candidate numbering scheme
  - From: Gene Spafford <spaf@cs.purdue.edu>

Prev by Date: RE: Candidate numbering scheme
Next by Date: Tool Mapping Update
Prev by thread: RE: Candidate numbering scheme
Next by thread: RE: Candidate numbering scheme
Index(es):
- Date
- Thread

Page Last Updated or Reviewed: May 22, 2007

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.