[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Re: CD PROPOSAL: EXCLUSION - Interim Decision 8/23
"Steven M. Christey" wrote:
>
> Please vote on this pervasive content decision using the space
> provided below.
>
> Note that the requirement for sufficient validation will be one of the
> EXCEPTION content decisions.
>
> Content Decision: EXCLUSION (What to exclude from the CVE)
> ----------------------------------------------------------
>
VOTE: REJECT
I'm unclear why it's helpful to specify the criteria both in the positive and
the negative. Let's just do it one way and assume that most of us can figure
out the negation on the fly if necessary (being smart humans with big brains
... some days at least).
>
> (Member may vote ACCEPT, MODIFY, REJECT, or NOOP.)
>
> A candidate vulnerability may not be included in the CVE if any of the
> following conditions hold:
>
> 1) It does not satisfy the CVE vulnerability definition
>
> 2) It is not publicly known
>
> 3) It is excluded via any EXCEPTION content decision (defined
> elsewhere)
>
> 4) Less than 50% of active voting members vote to ACCEPT or MODIFY
> the candidate
>
> 5) Less than 2 non-MITRE members from different organizations vote on
> the candidate
--
Stuart Staniford-Chen --- President --- Silicon Defense
stuart@silicondefense.com
(707) 822-4588 (707) 826-7571 (FAX)