[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Two draft Editorial Board governance documents for review and comment

Finally managed to read these over the weekend. I have the following comments / questions:

CVE Editorial Board Member Roles, Tasks, and Qualifications

1) I assume the "Implementers" role is what was previously referred to as the "Technical" role. What is the reason for changing this name? "Implementers" suggest to me that these are people implementing CVE into products in general. While the description does mention that ("[...] such as individuals who integrate CVE Identifiers into products."), then it seems the primary responsibility is really CVE content feedback to ensure coverage and technical accuracy i.e. more technical advisors.

2) We have a public list of the CVE Editorial Board members, but do we anywhere list members' primary roles (either publicly or privately within the board)? Being able to easily see which primary role each member has could be useful.

3) I agree with Ken that a system to easily provide comments to CVEs would make the process of providing feedback much easier. It would also allow CVE Editorial Board members to see the feedback provided. The current process of having to email feedback combined with emails at times seemingly ending up in some black hole doesn't really encourage providing feedback.


Processes for Adding and Removing CVE Editorial Board Members

4) The two links to the archives return 404s

5) The draft mentions that addition of new board members can occur based on recommendation from existing board members, but does not describe how this should occur. Just an email to the board list or a specific CVE team member?

6) The draft does not mention if existing board members can suggest removal of existing board members similar to proposing addition of new ones and, if so, how this should be done and to whom.

cheers,
/Carsten



On Wed, Mar 25, 2015 at 6:52 PM, Boyle, Stephen V. <sboyle@mitre.org> wrote:
Dear Board Members,

Please find attached two documents for your review and comments:
- "CVE Editorial Board Member Roles Tasks and Qualifications"
- "Adding and Removing CVE Editorial Board Members"

What we are requesting from you:
- Please review the documents and send us your comments before April 13th.
- If you do not have any comments or suggestions, a quick email to us
   saying so will record the fact that you have read and reviewed the drafts.

A team within CVE, led by Tiffany Bergeron, has created these drafts based
on prior practice, comments, suggestions and thoughts on the topics. Both
of  these documents are offered as initial drafts, and your comments will
allow us to incorporate changes and/or tee up items for discussion at the
Board meeting during RSA.

When final, these will become part of the formal set of governance documents
for the CVE Editorial Board and will be posted on the CVE web site.

We appreciate your attention to our request and, as always, we sincerely
thank you for your time and effort.

Best Regards,
The MITRE CVE Team

Page Last Updated or Reviewed: April 14, 2015