|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVE Quality Working Group (CQWG) - Rescheduling KICK-OFF Meeting - DOODLE POLL
- To: CVE Editorial Board Discussion <cve-editorial-board-list@mitre.org>
- Subject: CVE Quality Working Group (CQWG) - Rescheduling KICK-OFF Meeting - DOODLE POLL
- From: "Bazar, Jo E." <jbazar@mitre.org>
- Date: Wed, 9 Jan 2019 16:08:27 -0500
- Accept-language: en-US
- Authentication-results: mitre.org; dkim=none (message not signed) header.d=none;mitre.org; dmarc=none action=none header.from=mitre.org;
- Cc: "Landfield, Kent" <kent_landfield@mcafee.com>, "Waltermire, David" <david.waltermire@nist.gov>, "Williams, Ken" <ken.williams@broadcom.com>, "Coffin, Chris" <ccoffin@mitre.org>
- Delivery-date: Wed Jan 9 16:43:01 2019
- Importance: high
- Thread-index: AdSoX3Ze/SoNtfmSSP+t7V5cIVTqtg==
- Thread-topic: CVE Quality Working Group (CQWG) - Rescheduling KICK-OFF Meeting - DOODLE POLL
|
Board Members, Attached below is a new Doodle Poll to reschedule the Quality Working Group (QWG) Kick off meeting (originally planned for December 19th). I have selected two days next week, Thursday, January 17th and Friday, January 18th. Let me know
if none of these times work for you. https://doodle.com/poll/2z5z823duwp8xp7u Regards, Chris From: Coffin, Chris Board Members, There is some significant interest from the Board list for starting this WG. Additionally, the members of the SPWG had a discussion about how this group could be used going forward. A highlight of this conversation was that we use the CQWG
to develop CVE use cases. We can start this process by reaching out to CVE end users and inviting them to talk about how they use CVE and what data is most important from their perspective. We have identified at least one CVE end user already, though we’d
be particularly interested if Board Members know of other good candidates for these kinds of discussions. I created a doodle poll with some options for the CQWG kick-off meeting. Let me know if none of these times work for you. Regards, Chris From: Landfield, Kent <Kent_Landfield@McAfee.com>
I agree. I will be happy to participate in the discussions as well. Thank you, Gracias, Grazie, 谢谢, Merci!, Спасибо!, Bedankt,
Danke!, ありがとう, धन्यवाद! -- Kent Landfield +1.817.637.8026 From: David Waltermire <david.waltermire@nist.gov>
I think establishing this WG is a great idea. I'd be happy to participate. Board Members, The CVE team would like to judge your level of interest in establishing a CVE Entry Quality Working Group. The main focus of the group would be on improving the quality of CVE entry content. The output of the group would be best practices
and guidelines on how to generate a CVE entry, and possibly propose changes to the CNA Rules.
Example issues the group could cover include:
·
Should the CVSS vector be allowed in a CVE Entry description?
·
What is the best way to describe relationships between products (e.g. Product A bundles Product B)?
·
If the only public data for two different vulnerabilities would result in an identical description, what should be done? Would the Board be interested in establishing the CVE Entry Quality Working Group, and are any Board members interested in stepping up to be the chair? Please respond by Friday Nov 30. The CVE Team |
- Prev by Date: ACTION: CNA Summit 2019 (Face-to-Face) - DOODLE POLL due by 1/18/19
- Previous by thread: ACTION: CNA Summit 2019 (Face-to-Face) - DOODLE POLL due by 1/18/19
- Index(es):