[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [CVEPRI] Handling new vulnerabilities discovered by Steve Christey


While the disclosure process is a divisive issue with passionate
advocates on both sides of the fence, please try to keep from getting
too personal on this list.  I'm not attempting to squelch the
discussion, but I'm getting a little concerned about some of the tone
of it.  Please remember that these posts are publicized on the CVE web

It was agreed a few months ago that Board members thought it would be
useful to discuss issues that were not directly related to CVE.  Scott
Blake created the cve-banter mailing list for discussion if non-CVE
issues became too distracting to normal Board activities.  I don't
believe that has happened with this portion of the thread yet, but we
might want to move further discussion to that list.

I'll keep my personal opinions out of the remainder of this discussion
in order to focus on being a neutral moderator.  Since CVE candidate
reservation is becoming part of the disclosure process for some
organizations or individuals, and the acceptance rate and accuracy of
candidates is directly affected by disclosure, I don't see a reason to
stop the discussion on this list.

- Steve

Page Last Updated or Reviewed: May 22, 2007