[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
RE: FW: Proposed Working group and workshop
I am interested as well.
-Harold
-----Original Message-----
From: owner-cve-editorial-board-list@lists.mitre.org
[mailto:owner-cve-editorial-board-list@lists.mitre.org] On Behalf Of
Art Manion
Sent: Friday, August 26, 2016 1:53 PM
To: Landfield, Kent B <kent.b.landfield@intel.com>;
cve-editorial-board-list <cve-editorial-board-list@LISTS.MITRE.ORG>
Subject: Re: FW: Proposed Working group and workshop
On 2016-08-26 08:30, Landfield, Kent B wrote:
> So what do we want CVE to look like in 3-5 years? How do we plan on
> getting there?
>
> On the Board call today I suggested we create a working group to try
> to address some of those questions. This is a working group as
> identified in the Charter. Instead of waiting weeks to get started, I
> suggested we create the WG as an ad-hoc working group until the
> Charter is approved and then we can ‘officially anoint’ it.
Sign me up. Does this WG include the full board yet :) ?
On 2016-08-26 11:14, Williams, Ken wrote:
> Comprehensive CVE coverage of ALL vulnerabilities is a worthwhile
> goal
> to consider in such a WG.
Agree.
On 2016-08-26 12:02, Kurt Seifried wrote:
> Stupid Question but why are we being so stingy with CVEs? We should
> be
> handing them out like candy, and putting the "important" ones into
> the
> database (and accepting well formed database submissions from all).
Agree.
On 2016-08-26 08:30, Landfield, Kent B wrote:
> So what do we want CVE to look like in 3-5 years? How do we plan on
> getting there?
Some caution here: 3-5 years out in internet time is, IMO, not
predictable. I do think we can pick some direction/priorities, and
make some design choices that should enable flexibility when the future
arrives, but I'm not a fan of putting lots of effort into a 5 year plan
we'll have to throw away in <2 years.
Regards,
- Art