RE: Proposal: CVE candidate/approved numbering scheme

To: "CVE (E-mail)" <cve-review@linus.mitre.org>
Subject: RE: Proposal: CVE candidate/approved numbering scheme
From: Russ <Russ.Cooper@rc.on.ca>
Date: Thu, 20 May 1999 12:26:43 -0400

>Just exactly why would you need CAN-numbers in bulk? The most
>vulnerabilities I've ever seens any one organization publish in
>a single day has been three or four.

Whenever a new CNA comes on board, they are likely to believe they will
have a number of Candidates that are not already in the CVE. They may
also prefer to have numbers ready in advance of a discovery just to
avoid having to pick them up one at a time. I am not imagining that
every CNA will want hundreds of numbers at their finger-tips, but their
internal mechanisms may dictate that they have some on hand.

It was just a suggetion to allow the mechanism to scale to any demand
rather than to assume they'll always be a one-to-one relationship
between discovery and picking up a CAN number.

Not crucial, just a nice-to-have.

Cheers,
Russ - NTBugtraq Editor

Prev by Date: Re: Proposal: CVE candidate/approved numbering scheme
Next by Date: Re: Proposal: CVE candidate/approved numbering scheme
Prev by thread: Re: Proposal: CVE candidate/approved numbering scheme
Next by thread: Re: Proposal: CVE candidate/approved numbering scheme
Index(es):
- Date
- Thread

Page Last Updated or Reviewed: May 22, 2007

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.