[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
DoD and CVE
- To: cve-editorial-board-list <cve-editorial-board-list@mitre.org>
- Subject: DoD and CVE
- From: Kurt Seifried <kurt@seifried.org>
- Date: Wed, 10 Oct 2018 09:58:48 -0600
- Authentication-results: spf=softfail (sender IP is 198.49.146.235) smtp.mailfrom=seifried.org; imc.mitre.org; dkim=fail (signature did not verify) header.d=seifried-org.20150623.gappssmtp.com;imc.mitre.org; dmarc=none action=none header.from=seifried.org;
- Delivery-date: Wed Oct 10 12:01:42 2018
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seifried-org.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=fddbH5d4fMYId1chVWzGaplbmhm89Oh5OTPgitG+FCU=; b=RDBuLcCuEKxPDtje54cTvRGBt8Nvy0MnX+OusHX8Unu92yWIs46DzrHQLYokP2V+nQ v7T2YyGOpZK+Tyxjmc3ZrVCzDC4vKZ3CW56iv7cW7l6QSOlyIgNzvwf9Noozt3zay285 XKc1Fge1yGU+vnJvb65635OcgBqL/PEk19HCPi5dcV3M80jcd4ttLKcRRsCY93pUtIER 9/2s6cuqtMe8NyvUz/1hohtQGzXhGweT0n90U0vB9RZ0JxY36YxYh6WT+8HJLGT39OM+ sCprq9znj9svdbPeSpmP3/b3fMtuTJ6/9J5cx3RtbxcfmbvK7hzIAwb/pdz8cyNSacl6 fWeA==
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitre.org; h=mime-version:from:date:message-id:subject:to:content-type; s=selector1; bh=fddbH5d4fMYId1chVWzGaplbmhm89Oh5OTPgitG+FCU=; b=Ze3yyu9ddFNeABvwAGzThct4Rai3VMKIcTM/V5cadOZvCRshWgSpbCV8B/QVKPaW3+hkJ5M8ZMZH+WIrveyXu3B/cDrJimJB3+HoEGCd6M98ThDF5j9gEV4efvsd90YMnq/CCEaMHy4l5nfQApwxrs70xVps+cfefkn8uUD6b9o=
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
I can't help but feel like the DoD might need some CVE related help:
Also this raises the point of "CVE's are for public vulnerabilities" but should we maybe look at what public means/how it is defined (I imagine the DoD/related community would benefit from CVE, but not always be in a position to make the CVEs they assign truly public). Maybe a separate namespace/number space for this kind of thing? (ala IPv4 space 10.*, 172.16.* and so on).
--
Kurt Seifried
kurt@seifried.org
kurt@seifried.org
- Follow-Ups:
- Re: DoD and CVE
- From: Pascal Meunier <pmeunier@cerias.purdue.edu>
- Re: DoD and CVE
- Prev by Date: CVE Board Agenda - Wednesday, October 3, 2018
- Next by Date: Re: A note from GitHub about your repository
- Previous by thread: CVE Board Agenda - Wednesday, October 3, 2018
- Next by thread: Re: DoD and CVE
- Index(es):
