[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[CVEPRI] Agenda and details for June 29 teleconference



All,

Below is a detailed agenda for Thursday's teleconference, along with
details on how to connect.  For this meeting, there are no separate
Powerpoint slides.

The CyberCrime treaty statement will be the first topic.  Gary Gagnon
will be available at that time.

- Steve



Meeting Details
---------------

Date: Thursday, June 29, 2000
Time: 1 PM Eastern Daylight Time (5 PM Greenich Mean Time)

Connecting to the telecon:
  Call 1-888-831-6080
  The passcode is 32455


Agenda
------

1) CyberCrime treaty statement overview
   - update, feedback, questions

2) Editorial Board
   - review and clarification of MITRE's role
     - communications related to daily CVE activities vs. "big issues"
   - non-CVE activities
     - alternate forums
   - recruitment of OS vendors
   - determining member participation and interest
     - "NOOP" or "AGREE/DISAGREE" is better than no response

3) CVE content update
   - Latest counts for entries, candidates, submissions
     - next CVE version
     - submission matching progress for legacy db's
     - basic considerations when moving to Interim Decision
   - pre-publication candidate assignment
     - public announcement to candidate publication
   - timeliness of candidates for new issues
     - movement from candidate to entry stage
   - vendor acknowledgement
   - reference maps

4) CVE content issues
   - posting of votes or updates to the list
   - use of candidates in highlighting potential items to merge
   - deep analysis
     - how deep should MITRE analysis go?
     - when/how to "tag" deep issues and involve Board?
     - should we/can we seek outside help?
     - how to attach deep analysis to results?
   - modifications to CVE
     - recasts, deprecations, candidate rejections

5) Content decisions
   - level of formality and Board review/approval
   - CD:VOTE
   - default "split" actions
     - introduction with new candidates
     - linking to "similar/same" candidates
     - CVE version maintenance issues
   - CD:SF-EXEC
   - CD:SF-LOC
   - introduction of specific inclusion/abstraction CD's for
     new classes of vulnerabilities
     - shopping cart problems

6) Upcoming web site enhancements
   - new design
   - announcement lists
   - reference maps
   - CVE version info
   - data feed credits page
   - content decisions
   - voting site

7) Community feedback on CVE
   - requests for CVE enhancements (founded or unfounded)
     - hot links for references
     - inclusion of viruses/Trojan horses
     - risk
     - level of trust / accuracy of entries
     - general VDB capabilities
     - alternate formats

Page Last Updated or Reviewed: May 22, 2007