[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Re: Proposed Working group and workshop
Art wrote:
Some caution here: 3-5 years out in internet time is, IMO, not
predictable. I do think we can pick some direction/priorities, and
make some design choices that should enable flexibility when the future
arrives, but I'm not a fan of putting lots of effort into a 5 year plan
we'll have to throw away in <2 years.
I can’t agree more….
---
Kent Landfield
+1.817.637.8026
On 8/26/16, 12:52 PM, "Art Manion" <amanion@cert.org> wrote:
On 2016-08-26 08:30, Landfield, Kent B wrote:
> So what do we want CVE to look like in 3-5 years? How do we plan
on
> getting there?
>
> On the Board call today I suggested we create a working group to
try to
> address some of those questions. This is a working group as
identified
> in the Charter. Instead of waiting weeks to get started, I
suggested we
> create the WG as an ad-hoc working group until the Charter is
approved
> and then we can ‘officially anoint’ it.
Sign me up. Does this WG include the full board yet :) ?
On 2016-08-26 11:14, Williams, Ken wrote:
> Comprehensive CVE coverage of ALL vulnerabilities is a worthwhile
> goal to consider in such a WG.
Agree.
On 2016-08-26 12:02, Kurt Seifried wrote:
> Stupid Question but why are we being so stingy with CVEs? We
should
> be handing them out like candy, and putting the "important" ones
into
> the database (and accepting well formed database submissions from
> all).
Agree.
On 2016-08-26 08:30, Landfield, Kent B wrote:
> So what do we want CVE to look like in 3-5 years? How do we plan
on
> getting there?
Some caution here: 3-5 years out in internet time is, IMO, not
predictable. I do think we can pick some direction/priorities, and
make
some design choices that should enable flexibility when the future
arrives, but I'm not a fan of putting lots of effort into a 5 year
plan
we'll have to throw away in <2 years.
Regards,
- Art