
[CVEPRI] Upcoming CVE Activities


It's been quiet on this mailing list, but it's hardly been quiet for

I am about to release a new CVE version, but first, approximately 500
candidates will need to be moved to the INTERIM phase.  That will be
in a separate email, coming tonight.

The new CVE version will include references to both OSVDB and OVAL.
You may have noticed large-scale additions of these references, and
others, over the past couple of weeks.

We will also be publishing the CVE and candidate lists in XML format.

The CVE version *after that* will likely include promotions of many
other candidates, as I am satisfied that content decisions like
CD:SF-LOC and CD:SF-EXEC have proven themselves to be stable,
repeatable, and reliable over the past couple years.  The various
Candidate Numbering Authorities have been using them independently,
without any major errors (allowing for the fact that CNA assignment
happens very early in the disclosure process.)

We also have a number of candidates waiting in the wings to be created
and proposed to the Editorial Board.  My colleague on the CVE content
team, Jen Schommer, has been diligently doing the background work on
creating these new issues, which should only require light editing
from me.  I am grateful to her for her efforts.

We have also been gearing up for our second round of evaluations for
certificates of CVE Compatibility, especially in the area of mapping
accuracy.  We've established a team and done much of the background
work and development necessary to complete these evaluations
effectively.  Barbara Pease, our longest-standing content team member,
will lead this effort.

While it is still in the very early stages, we have been taking a
close look at how to handle configuration issues in CVE.  Another
content team member, Charles Schmidt, has been doing some of this
development work, with Adam Shostack consulting.

In recent months, I've received inquiries from various Editorial Board
members regarding Board participation.  Managing and communicating
with the Editorial Board has been a lower priority than this
long-overdue new CVE version, but it's clear that a teleconference is
in order.  I propose that we hold a telecon sometime during the week
of September 13 through 17.  Soon after this telecon, we will be
saying goodbye to some Board members, and adding new ones who have
been patiently waiting in the wings.

- Steve

Page Last Updated or Reviewed: May 22, 2007