|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Agenda for CVE Board Meeting May 3
- To: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
- Subject: Agenda for CVE Board Meeting May 3
- From: "Adinolfi, Daniel R" <dadinolfi@mitre.org>
- Date: Tue, 2 May 2017 20:32:12 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is 129.83.29.2) smtp.mailfrom=LISTS.MITRE.ORG; mitre.mail.onmicrosoft.com; dkim=none (message not signed) header.d=none;mitre.mail.onmicrosoft.com; dmarc=none action=none header.from=mitre.org;
- Delivery-date: Tue May 2 16:45:24 2017
- List-help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
- List-owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
- List-subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
- List-unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
- Sender: <owner-cve-editorial-board-list@lists.mitre.org>
- Spamdiagnosticmetadata: 6cdb8bfc89744bd8bfee511e3e65aa05
- Spamdiagnosticoutput: 1:2
- Thread-index: AQHSw4MtgapeyM089ka1BLQXo8N+9Q==
- Thread-topic: Agenda for CVE Board Meeting May 3
- User-agent: Microsoft-MacOutlook/f.21.0.170409
|
Greetings, Here is the agenda for the CVE Board teleconference on Wednesday, May 3 at 2PM - 4PM. Regards, The CVE Team >>>>> ___ CVE Board Meeting 3 May 2017 Agenda 2:00 – 2:05: Introductions, action items from the last meeting - Chris Coffin 2:05 – 2:35: Interview Board Member Candidate - CVE Board 2:35 – 2:55: Working Groups Strategic Planning - Harold Booth/Art Manion/Kent Landfield Issues Actions Board Decisions Automation - Harold Booth/Kurt Seifried Issues Actions Board Decisions 2:55 – 3:20: CNA Update DWF – Kurt Seifried Issues Actions Board Decisions General - Dan Adinolfi Issues Actions Board Decisions 3:20 – 3:30: CNA Report Card for First Quarter 2017 Follow-up - Dan Adinolfi 3:30 – 3:40: Formal CNA Rules Change - 24-hour notification limit upon CVE ID used publicly - Chris Coffin 3:40 – 3:55: Discussion: Three potential topics: 1) Should CNAs assign CVE IDs to bundled third-party components where the component isn't in their scope, strictly speaking? Should they instead assign through the DWF for OSS, for
example? 2) We will consider whether Working Groups can run pilots without the Board's permission, and in what form should that permission come? 3) There is a suspicion that most people they do not know how to interact with the Board (e.g., just email random members?), so contacting MITRE and doing it via MITRE seems reasonable,
but also a potential conflict of interest as it were. The Board should start a laundry list of process/procedural things that might need fixing.
3:55 – 4:00: Action items, wrap-up – Chris Coffin |
- Prev by Date: Re: Jenkins and DWF assignment
- Next by Date: RE: Current standards/criteria for 'Undefined Behavior'
- Previous by thread: Re: Jenkins and DWF assignment
- Next by thread: Current and future CVE states
- Index(es):