[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVE ID Syntax - Please Vote



All,

It's been three days, but we have only received 4 votes so far.  We believe that it's very important to get as many votes as possible, but at the very least we need to reach a minimum of 12 voters.  If you haven't done so yet, please submit your votes!

If you DON'T plan on voting, or you're waiting for some reason, then please let us know privately at <cve-id-change@mitre.org>.

Thank you,
Steve

======================================

CVE ID Syntax Change - Voting Ballot (Deadline April 14, 11:59 PM EDT)
----------------------------------------------------------------------

This is the official voting ballot for the CVE ID Syntax Change.

The voting period is from today until 11:59 PM US EDT on Sunday, April
14, 2013.


Instructions
------------

A summary of the three options will be listed as OPTION A, OPTION B,
and OPTION C.

1) You MUST fill out the entire voting ballot and post it to the
   entire CVE Editorial Board mailing list.

2) All votes MUST be received by 11:59 PM US EDT on Sunday, April 14,
   2013.  Please allow for possible delays in email delivery and
   adjust accordingly.

3) There is only one vote per organization.

4) Only the FIRST valid voting ballot counts for each organization.  A
   valid voting ballot lists the first and second choice, and provides
   reasons for all three choices (details below).  If another ballot
   is received at a later time, only the first one will be counted.

5) A ballot will be marked as "invalid" and returned to the voter if
   any of the following occurs:

   - the first and second choices are not clearly identified
   - there is no reason provided for one or more choices
   - it is not clear which reason is associated with which option
   - the ballot is not published to the Editorial Board mailing list
   - the ballot is not received by the deadline.

   The voter may fix an invalid ballot and resubmit a valid ballot as
   long as the deadline has not been reached.

6) Other details about procedures are covered in the email sent to the
   CVE Editorial Board mailing list on March 26, 2013, with the
   subject "CVE ID Syntax Change Voting - Procedures and Timeline
   (starts April 1)".


Filling out the ballot
----------------------

1) As specified in the VOTING BALLOT below, clearly indicate your
   FIRST CHOICE, SECOND CHOICE, and LAST CHOICE.  For each choice,
   list either "OPTION A", "OPTION B", or "OPTION C".

   - Each option can only be listed once.

   - The FIRST choice is the syntax option that is your primary
     choice.  This is the option that you most want CVE to use.

   - The SECOND choice is the option that you would select *if* your
     FIRST choice is not accepted.

   - The LAST choice is the remaining option that is your lowest
     preference, i.e., is not your first or second choice.  Depending
     on your reasons, this last choice either (1) is not acceptable to
     you because it has problems that you believe are significant, or
     (2) is acceptable, but simply not as strong as the other two
     choices.

2) For each choice, fill out the associated REASONS section to give
   your reasons for supporting (or not supporting) your choice.  There
   is no limit on the length of your response, but the reasons must be
   in plain text and included inline with the form, not as an
   attachment.



=====================================================
SUMMARY OF OPTIONS
=====================================================

OPTION A: Year + 6 digits, with leading 0's

  Examples: CVE-2014-000001, CVE-2014-000999, CVE-2014-001234,
  CVE-2014-009999, CVE-2014-010000, CVE-2014-054321, CVE-2014-099999,
  CVE-2014-100000, CVE-2014-123456, CVE-2014-999999


OPTION B: Year + arbitrary digits, no leading 0's except IDs 1 to 999

  Examples: CVE-2014-0001, CVE-2014-0999, CVE-2014-1234,
  CVE-2014-9999, CVE-2014-10000, CVE-2014-54321, CVE-2014-99999,
  CVE-2014-100000, CVE-2014-123456, CVE-2014-999999, CVE-2014-1234567


OPTION C: Year + arbitrary digits + check digit

  Examples: CVE-2014-1-8, CVE-2014-999-3, CVE-2014-1234-3,
  CVE-2014-9999-3, CVE-2014-10000-8, CVE-2014-54321-5,
  CVE-2014-123456-5, CVE-2014-999999-5, CVE-2014-1234567-4


For the full text of the initial call for public feedback, see:

  http://cve.mitre.org/data/board/archives/2013-01/msg00011.html

  
=====================================================
VOTING BALLOT
=====================================================

Enter your votes as specified in the preceding "Instructions" and
"Filling out the ballot" sections.



FIRST CHOICE:


REASONS (first choice):





*****************************************************

SECOND CHOICE:


REASONS (second choice):





*****************************************************

LAST CHOICE:


REASONS (last choice):



Page Last Updated or Reviewed: October 03, 2014