|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Naming Working Group
- To: Multiple recipients <LISTSERV@LISTS.MITRE.ORG>
- Subject: Naming Working Group
- From: "Adinolfi, Daniel R" <dadinolfi@mitre.org>
- Date: Wed, 25 Jan 2017 18:07:47 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is 129.83.29.3) smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (message not signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=none header.from=mitre.org;mitre.org; dkim=none (message not signed) header.d=none;
- Delivery-date: Wed Jan 25 16:49:29 2017
- List-help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
- List-owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
- List-subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
- List-unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
- Sender: <owner-cve-editorial-board-list@lists.mitre.org>
- Spamdiagnosticmetadata: 6cdb8bfc89744bd8bfee511e3e65aa05
- Spamdiagnosticoutput: 1:2
- Thread-index: AQHSdzXvOwUsM4HzZESUXMmRQvtSGQ==
- Thread-topic: Naming Working Group
- User-agent: Microsoft-MacOutlook/f.1d.0.161209
|
Greetings, The CVE Board has created a new Working Group, the Naming Working Group. We would like to invite all members of the CVE Board and the CNAs to participate. This Working Group is also open to members of the
CWE and CAPEC projects. The Naming Working Group will review our Abstraction rules. Where there are gaps between different naming systems (such as CVE, CWE, or CAPEC), the Working Group will clearly identify those gaps and consider
changes to CVE Abstraction rules to allow for reasonable and consistent naming for these cases. For example, branded security issues (such as FREAK or Badlock) can be far more complex than a typical vulnerability, and formal naming conventions fail to address
this kind scenario. (For FREAK, CVE IDs were assigned for the FREAK exploit in many products, but FREAK itself could not be easily "named".) If you are interested in participating, the first step would be to join the Working Group discussion list, cve-board-naming-list@lists.mitre.org. To join, either respond to this message or email cve@mitre.org with the request. Specific agendas and goals will be discussed on that list once it is populated. Please let us know if you have any questions. Thanks. -Dan _________________________ Daniel Adinolfi, CISSP Lead Cybersecurity Engineer, The MITRE Corporation CVE Communications and CNA Coordinator Email: <dadinolfi@mitre.org> Phone: 781-271-5774 |
- Prev by Date: Re: Documentation tree
- Next by Date: CVE Strategy Directions
- Previous by thread: Re: Review request: CVE website news article regarding CVE ID number size
- Next by thread: CVE Strategy Directions
- Index(es):