[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Juniper to be added to the official list of CNAs

On Mon, Apr 25, 2016 at 5:28 AM, Art Manion <amanion@cert.org> wrote:
On 2016-04-23 02:56, Carsten Eiram wrote:

I do believe that the board is editorial/advisory only.  For example, if
the board votes 9-1 against a new CNA, can MITRE just approve the CNA
anyway?  I'm not suggesting MITRE would just ignore board input
(especially a 9-1 opinion), but before we go to the effort of setting up
voting rules, I'd like to be clear what power board votes actually have.

Yes, it is my understanding too that the Board is advisory only. That is not a concern of mine; MITRE should have the freedom to go against a vote for whatever reasons they may have. I would just in such cases expect MITRE to provide their reasoning for disregarding the vote.

Even so, one must presume that each of us were elected on the Board for a reason and based on our varying backgrounds may be able to contribute with insight that others do not necessarily possess. It, therefore, seems in MITRE's best interest to ensure they get feedback and votes from all Board members during anything that is deemed important enough to vote about. On that note, I actually care more about the reasoning provided by each Board member when voting than the vote itself. If one Board member clearly has more knowledge / experience about a given issue being voted on, I'd consider that feedback (and resulting vote) more valuable than just looking at the majority vote alone. Hopefully, MITRE does the same.

Finally, MITRE recently stated that they considered the charters "dated and in need of updating to better reflect the Board's advisory role". It seems appropriate that MITRE prioritizes updating the charter to have it reflect their current perception of the Board's role. That'll allow us to better understand what is expected of Board members as well as the power of votes and feedback.

Page Last Updated or Reviewed: April 26, 2016