再保险:关于non-board-member帖子列表的问题

技术的事件序列,这是汤姆·米勒的消息是如何存档。我很感兴趣知道董事会成员认为应该从档案中删除消息。1。史蒂夫·博伊尔已经说过,为了强调,汤姆只读访问列表。2。只有董事会成员和某些斜方人员有权限发布列表。3所示。已经观察到史蒂夫,汤姆的消息被指向两个cve-id-change和董事会名单。4所示。汤姆的消息几乎肯定是*不*交付给董事会名单由于他只读权限,这可能导致反弹。 (If any Board member *did* receive such a message, please let us know.) 5. The message was (appropriately) delivered to cve-id-change because, as Steve already explained, we created it in order to receive input from everybody. 6. The account that is used to maintain the online Board archive is subscribed to both cve-editorial-board-list and cve-id-change. 7. Because cve-editorial-board-list was listed as a recipient, a program stored Tom's message in a Board-specific mail folder that is dedicated to public archival. 8. Typically, a manual verification step is performed to "clean up" stray messages that were actually rejected. The manual review step did not happen in this case. 9. As a result, Tom's message was publicly archived. For a previous example of the type of human error as described in item 8, seehttps://cve.mitre.org/data/board/archives/2013-04/msg00003.html——史蒂夫。> - - - - - - - - - - - >从原始信息:owner-cve-editorial-board-list@lists.mitre.org [mailto: owner-cve -> editorial-board-list@lists.mitre.org]代表博伊尔,斯蒂芬·v >发送:周三,9月2日下午4点45分2015 >:耶利哥< jericho@attrition.org >;cve-editorial-board-list < cve-editorial - > board-list@lists.mitre.org > > Cc:博伊尔,斯蒂芬·v < sboyle@mitre.org > >主题:RE:问题non-board-member帖子列表> >嗨布莱恩,> > >请史蒂夫或斜方说清楚发生了什么?> >当然可以,我很乐意。(我觉得我“a”史蒂夫如果不是““史蒂夫,所以足够近。)> >汤姆·米勒是订阅了编委会名单和其他的人一样>不是董事会成员。如你所知,汤姆,因为他是赞助>组织的一部分,是不允许编辑部。然而,CVE >长期实践向编辑部提供只读访问>列表作为某些人的礼貌;在这种情况下,我们的赞助商。>不是董事会成员的人可以看到,但是他们没有发布>特权,因为它们不是董事会成员。这是另一个原因>为什么我们保持独立,私人编辑才入股邮件列表——cve - > private-eboard-list。> > >鉴于米勒先生在一小时内回答> >周四晚上那篇文章…… > > That's not at all unusual for Tom, or lots of us. > > > ... when he would not have been included in the general distribution > > list, it is fair to say that he was BCC'd. > > Except that Tom was included in the general distribution list, as described above. > Because Tom sees Board list messages that go by, he wouldn't need a BCC or > other out-of-band notification of our request -- he saw it at the same time as > other members of the Editorial Board list. So, Tom is on the list, was on the list, > and was not BCC'd or otherwise given a preview of the email. > > > Further, that he was likely warned of the incoming post and encouraged to > reply to it. > > Except that Tom wasn't warned and he wasn't encouraged to reply. He read the > post, presumably on the Board list, and responded to cve-id-change (as we > requested) with his offer of help to publicize the change. More on this below. > > > Given Steve's mail specifically asked > > repliers to "contact cve-id-change@mitre.org if you wish to participate", > > which is odd for an Editorial Board posting... > > In the normal case, it would be odd to ask the Board to reply to another list. > However, in the case of the exceptional, singular event that was the change to > the CVE ID syntax, we asked people to respond to cve-id-change because we > were asking for lots of participation from others, not just the Board, and using > the cve-id-change list kept it all together. In addition, cve-id-change was an > open list so anyone could post, making it even more handy for replies from non- > Board members. The attendant Board message was a cut-and-paste of what we > were sending out. We simply previewed it to the Board members, thereby asking > them to reply to the same email address as everybody else. > > > it is doubly odd that a random non-board member would be involved. > > I hope I've sufficiently explained how that came about (above). > > I understand your concerns, and I appreciate the fact that you raised them here, > where they could be addressed. I invite and encourage you to continue to ask > questions and look for answers, especially when things seem odd or otherwise > squirrelly. > > I 'll close by saying that I can't tell you anything more than what I know and what > I remember, but I can personally assure you that MITRE has not and does not > circumvent the Board, in any way, with any person or organization. > > Best Regards, > Steve Boyle > CVE Project Leader > > -----Original Message----- > From: owner-cve-editorial-board-list@lists.mitre.org [mailto: owner-cve -发送的耶利哥> > editorial-board-list@lists.mitre.org]代表:周三,02年9月,2015年1时35点抵达>:cve-editorial-board-list < cve-editorial-board-list@lists.mitre.org > >主题:关于non-board-member帖子列表>重要性:高> >https://cve.mitre.org/data/board/archives/2014-09/msg00000.html> >:cve-editorial-board-list < cve-editorial-board-list@lists.mitre.org > >主题:请求包括董事会成员在一份新闻稿中关于CVE > IDsyntax改变>:“Christey,史蒂文·m·” > Date: Thu, 4 Sep 2014 19:12:43 +0000 > > Steve posted to the editorial board list, for members of the editorial > board and MITRE, asking about a press release. > > There was a single reply to this post: > >https://cve.mitre.org/data/board/archives/2014-09/msg00003.html> >:“cve-id-change@mitre.org”> < cve-id-change@mitre.org >,“cve-editorial-board-list@lists.mitre.org”< cve - > editorial-board-list@lists.mitre.org > >主题:Re:请求包括董事会成员在一份新闻稿中关于> CVEID语法变化>:“米勒,托马斯”< Thomas.Millar@hq.dhs.gov > >日期:星期四,2014年9月4日20:18:36 + 0000 > >托马斯•米勒从国土安全部,不是cve每>编辑委员会成员名单(按名称或组织):> >https://cve.mitre.org/community/board/> >,米勒先生在一小时内回答Thursady >晚上后,当他就不会被包括在一般分布>列表,它是公平地说,他是BCC会。进一步,他很可能>警告传入和鼓励回复邮件。> >请史蒂夫或斜方说清楚发生了什么?为什么>米勒先生带进这个邮件之前,BCC会在邮件列表中,>,可能鼓励回复?给史蒂夫的邮件特别要求>回答者接触cve-id-change@mitre.org如果你想参与,>编辑委员会发布这很奇怪,它更是奇怪,>随机堂而皇之的成员将参与。> >谢谢,> >。b