[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: CVE ID Syntax Change - Second Round Voting Ballot (Deadline Wednesday, May 22, 2013, 11:59 PM EDT)


Enter your votes as specified in the preceding "Instructions" and "Filling out the ballot" sections.



Option B

REASONS (first choice):

Allows for a longer period of time to update to the new format since this choice is transparent until a threshold where five digits will be needed. Additionally, this choice removes any technical constraints that would possibly exist with a smaller address space. As in the previous round of voting we would prefer that with this choice a constraint be provided that caps the maximum size to a large but reasonable number of digits (last round we suggested 19 but any number larger than 9 or 10 would be imaginably sufficient). We are concerned that absent this constraint implementers will choose their own limits potentially choosing too small of a value without other guidance. To be clear, every implementer will need to make some choice in order to avoid input issues. Regarding the use of zero padding for less than four digits, our preference would be to simply start assigning at 1000 to eliminate the need for padding and the associated required syntax support for parsing.



Option A

REASONS (second choice):

Leading zeros seems to reduce legibility for human use and would force all implementers to accept this format as soon as it was in use.



Page Last Updated or Reviewed: October 03, 2014