[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Proposal: CVE candidate/approved numbering scheme
- To: "CVE (E-mail)" <cve-review@linus.mitre.org>
- Subject: RE: Proposal: CVE candidate/approved numbering scheme
- From: Russ <Russ.Cooper@rc.on.ca>
- Date: Thu, 20 May 1999 12:26:43 -0400
>Just exactly why would you need CAN-numbers in bulk? The most >vulnerabilities I've ever seens any one organization publish in >a single day has been three or four. Whenever a new CNA comes on board, they are likely to believe they will have a number of Candidates that are not already in the CVE. They may also prefer to have numbers ready in advance of a discovery just to avoid having to pick them up one at a time. I am not imagining that every CNA will want hundreds of numbers at their finger-tips, but their internal mechanisms may dictate that they have some on hand. It was just a suggetion to allow the mechanism to scale to any demand rather than to assume they'll always be a one-to-one relationship between discovery and picking up a CAN number. Not crucial, just a nice-to-have. Cheers, Russ - NTBugtraq Editor
- Prev by Date: Re: Proposal: CVE candidate/approved numbering scheme
- Next by Date: Re: Proposal: CVE candidate/approved numbering scheme
- Prev by thread: Re: Proposal: CVE candidate/approved numbering scheme
- Next by thread: Re: Proposal: CVE candidate/approved numbering scheme
- Index(es):
