RE: Second Round ID Syntax vote declared valid

["Boyle, Stephen V." <sboyle@mitre.org>]

All in the works. Stay tuned for both announcements and calls for Board participation in the coming few days.

 

Thanks,
Steve

 

From: Kent_Landfield@McAfee.com [mailto:Kent_Landfield@McAfee.com]
Sent: Friday, June 07, 2013 1:26 PM
To: Boyle, Stephen V.; cve-editorial-board-list
Subject: Re: Second Round ID Syntax vote declared valid

 

Ok, we have a format….  Congrats; Great.  Now we need to plan how to communicate this to the rest of the world.

·         FAQ / FAQ page on the CVE site?

·         What are we going to call this, CVE 2.0 ?

·         Are we going to reach out to each of the 75 companies that are CVE-Compatible to assure they know?

·         Have existing CNAs been notified?

·         How do we proactively notify the community of developers and organizational staff that they may have work to be able to assure they can leverage the change? (MITRE Booth at events such as BlackHat, others???, Press/rags?)

·         Etc… 

A transition and outreach plan is needed here.  Our work is not done.  We, of course, need to work with our own organizations but as Board members, we need to assist in getting the message out.  Thoughts on being effective at it?

 

Kent Landfield

McAfee | An Intel Company
Direct: +1.972.963.7096 
Mobile: +1.817.637.8026
Web: www.mcafee.com

 

From: <Boyle>, "Stephen V." <sboyle@mitre.org>
Date: Thursday, June 6, 2013 10:49 AM
To: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
Cc: "Boyle, Stephen V." <sboyle@mitre.org>
Subject: Second Round ID Syntax vote declared valid

 

As specified in our email last week, the period to allow a second to the motion to

rescind the most recent vote closed yesterday, June 5th, 2013 at 11:59 PM EDT.

 

We did not receive any second to the motion to rescind, either publicly or privately.

 

As of today, June 6th 2013, Option B has been selected as the new ID Syntax for CVE

beginning 1 January 2014.

 

To reprise, Option B specifies the following:

 

-  Variable length

- 4-digit Year + four fixed digits for IDs up to 9999

- IDs 0001 through 0999 padded with leading zeros

- IDs over 9999 will expand as needed, no leading zeros

 

Examples:

- Four digit IDS (through 9999)

    - CVE-2014-0001, CVE-2014-0999

    - CVE-2014-1234, CVE-2014-9999

 

- Five digit IDS (> 9999)

    - CVE-2014-10000, CVE-2014-54321, CVE-2014-99999

 

- Six digit IDS (> 99999)

    - CVE-2014-100000, CVE-2014-123456, CVE-2014-999999

 

- Etc., as needed

 

We again want to express our sincere thanks and gratitude to the Board for all of

the discussion and engagement as we went through this process.  Your combined

attention and efforts have once again moved CVE forward, to the benefit of the

community as a whole.

 

Thank you.

 

Best Regards,

The MITRE CVE Team