[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVE Advancements

Let me note, from a historical perspective, that CERIAS hosted a
workshop on vulnerability databases here in January 1999.  The MITRE
folks presented at that workshop, and decided to make their efforts
public as a result.  The CVE was "born" in a sense as a
result of that meeting, although much of the work had been done prior.
See http://www.ieee-security.org/Cipher/ConfReports/1999/CR1999-WVDB99.html

(I helped organize the first workshop, too, at NIST, as I recall.  It
wasn't as well attended.)

It might be worthwhile to have a follow-up workshop for not only the
CVE, but some of the other players in the arena.  We could piggyback it
on our annual symposium here, in April, which might make it even more of
interest for some people to attend.

However, if I were to do that, I'd want some definite buy-in
from people, including some who would help with planning.  This is not
necessarily the same as a CVE editorial board meeting, which could be
done in conjunction or separately with a workshop.



Page Last Updated or Reviewed: January 30, 2016