|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Notice of Pilot Activity in CVE Auto WG
- To: "cve-editorial-board-list@lists.mitre.org" <cve-editorial-board-list@lists.mitre.org>
- Subject: Notice of Pilot Activity in CVE Auto WG
- From: "Booth, Harold (Fed)" <harold.booth@nist.gov>
- Date: Mon, 8 May 2017 21:08:58 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is 129.83.29.3) smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (message not signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=none header.from=nist.gov;
- Cc: cve-board-auto-list <cve-board-auto-list@lists.mitre.org>
- Delivery-date: Tue May 9 07:47:51 2017
- List-help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
- List-owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
- List-subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
- List-unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
- Sender: <owner-cve-editorial-board-list@lists.mitre.org>
- Spamdiagnosticmetadata: 6cdb8bfc89744bd8bfee511e3e65aa05
- Spamdiagnosticoutput: 1:2
- Thread-index: AdLIPXFZt5GwZZF0QtiX2zCa7r/aiA==
- Thread-topic: Notice of Pilot Activity in CVE Auto WG
|
Per discussion on the last board call it has been requested that all WGs send a brief notice to the board to both inform the board and provide an opportunity for the board to give input on any pilots. The CVE Automation Working Group is proposing to run a pilot using a private MITRE-hosted GIT repository to investigate the requirements surrounding the automation of updating and retrieving the CVE JSON data. We hope to learn not only
what features are necessary to support the “plumbing” of sending and receiving the data, but also what attributes and metadata are needed in the CVE format to support automation. Participants will be MITRE and members of the CVE Auto WG with the goal for participants
to update their CVEs using the format in the GIT repo and for participants to update and receive updated information through the GIT repo. Participants will be the only ones with access to the GIT repository. All participants should understand that this is
only a pilot and as such there is no guarantee that any eventual solution will look anything like the pilot. Initial proposed pilot is planned to run no later than through August 21st and if we need to extend the pilot we will come back to the board to request
an extension. Unless there are any sustained objections the pilot will start in earnest on May 15th (the next CVE auto WG call). |
- Follow-Ups:
- RE: Notice of Pilot Activity in CVE Auto WG
- From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
- RE: Notice of Pilot Activity in CVE Auto WG
- Prev by Date: Re: Current and future CVE states
- Next by Date: RE: Current standards/criteria for 'Undefined Behavior'
- Previous by thread: Re: Current and future CVE states
- Next by thread: RE: Notice of Pilot Activity in CVE Auto WG
- Index(es):