|
|
Here is the one page document we put together on future vision and direction of the program. We’d like to use this in the next response on the Oss-security mailing list discussion.
If anyone has any significant comments or suggestions, please try to provide them by COB tomorrow.
Chris Coffin The CVE Team
From: owner-cve-editorial-board-list@lists.mitre.org [mailto:owner-cve-editorial-board-list@lists.mitre.org]
On Behalf Of Coffin, Chris Ø
So it would appear many people are losing their mind on oss-security, which is not surprising as we haven't really educated people about what's up. Just a heads up to the Board on this, we will be putting together a response to all of the comments received so far on the oss-security mailing list. I expect to get something
sent out midday tomorrow. Ø
I would suggest we come up with a quick one page education document that covers the new way forwards and why it's better/more sustainable This is a great idea Kurt! We will draft something and get it sent out as soon as possible. Chris Coffin The CVE Team From:
owner-cve-editorial-board-list@lists.mitre.org [mailto:owner-cve-editorial-board-list@lists.mitre.org]
On Behalf Of Kurt Seifried So it would appear many people are losing their mind on oss-security, which is not surprising as we haven't really educated people about what's up. I would suggest we come up with a quick one page education document that covers the new way forwards and why it's better/more sustainable, major points to include: 1) moving forwards it's all about structured data and automation, random email requests is not sustainable 2) MITRE has minted many more CNAs (and continues to do so) so there won't need to be as many requests to MITRE 3) the DWF is in the process of doing the CVE Mentor and multiple CNA roll out, which will be way more efficient/easier then everyone in the OpenSource community having to poke MITRE constantly -- |
Attachment:
CVE_Vision_v2.docx
Description: CVE_Vision_v2.docx