再保险:CVE程序优先级

来:“大妈,斯蒂芬·v”<sboyle@mitre.org>,cve-editorial-board-list <cve-editorial-board-list@LISTS.MITRE.ORG>
主题再保险:CVE项目优先级
从莫尼耶:帕斯卡<pmeunier@cerias.purdue.edu>
日期-0500年结婚,2015年12月23日03:03:37
Authentication-Results:防晒系数=没有(发送者的IP 129.83.29.2) smtp.mailfrom = LISTS.MITRE.ORG;mitre.mail.onmicrosoft.com;dkim = (messagenot签署)header.d =没有问题;mitre.mail.onmicrosoft.com;dmarc =没有行动= noneheader.from = cerias.purdue.edu;
交货日期:2015年12月23日07:48:23结婚
在回复:<CY1PR09MB0873A71369CCDDE1AF00AB26C7E50@CY1PR09MB0873.namprd09.prod.outlook.com>
名单有用:<mailto: LISTSERV@LISTS.MITRE.ORG ?身体= % 20 cve-editorial-board-list信息>
List-Owner:<mailto: CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
List-Subscribe:<mailto: CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
List-Unsubscribe:<mailto: CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
引用:<CY1PR09MB0873A71369CCDDE1AF00AB26C7E50@CY1PR09MB0873.namprd09.prod.outlook.com>
发送方:<owner-cve-editorial-board-list@lists.mitre.org>
SpamDiagnosticMetadata:43 da9c421be74aed97248473db21fd15
SpamDiagnosticOutput:1:2
用户代理:Mozilla / 5.0 (X11;Linux x86_64;房车:31.0)壁虎/ 20100101 Icedove / 31.8.0

这里有几个傻问题,让我夜不能寐(字面意思):1。为什么美国在国外保持军事存在但不是CVE的存在吗?2。如果资金的来源就是限制了CVE使命,也许CVE计划应该获得资金从联合国吗?帕斯卡在12/22/2015下午12:55,博伊尔,斯蒂芬诉写道:>在星期四,12月17日,2015年在十一17点,在线程“CVE即将到来的变化,”Kurt Seifried写道:> >有一个埃塔在任何吗?天/周/月?> >在这一点上,显然CVE不能覆盖每一个已知的漏洞。一个简单的事实是,每年发表的cf数量已经跟不上速度或披露的缺陷的数量。CVE成功运营多年但还需要根本性的变化。15年前,我们可以有效地关注美国部门,告诉自己,我们在本质上是提供覆盖全球。 Given the international explosion of software development, that is no longer the case. > > As stated on the CVE web site "CVE is sponsored by US-CERT in the office of Cybersecurity and Communications (CS&C) at the U.S. Department of Homeland Security." DHS has identified a number of Critical Infrastructure Sectors and CS&C is the identified as the lead for the U.S. IT sector. As we consider how to increase the coverage of CVE, CVE must - as its highest priority - effectively provide full coverage of the software and devices used in the U.S. IT sector. > > To achieve the fundamental changes required for CVE, we the Editorial Board must wrestle with a number of important topics while CVE continues to operate. We have been actively listening to and hearing the issues and concerns expressed on the Board list and on the outside. We have been working internally to understand the issues and interdependencies limiting CVE and to reflect those back to the Board for consideration. > > To that end, we suggest the following list of tasks, in priority order: > > > 0. The operation of CVE > > 1. The prioritized scope of coverage for CVE and the associated Sources and Products > > 2. A re-examination and simplification of the way CVE counts vulnerabilities > > 3. The required "quality" of final CVE entries > > 4. Clear, redefined rules and guidelines for the operation and management of CNAs > > 5. Clear, redefined and more inclusive rules for becoming a CNA > > 6. Continuing revisions regarding Board membership and the process for adding members > > > > We sincerely appreciate the Board's continued efforts. You have always been a critical part of CVE, from back in the days of voting on CANs to today. We look forward to comments and discussions on this list to evolve CVE. > > Best Regards, > Steve Boyle >

引用:
- CVE项目优先级
  - 来自:“大妈,斯蒂芬·v .”

上一页的日期:再保险:CVE程序优先级
下一个按日期:再保险:CVE程序优先级
Prev线程:再保险:CVE程序优先级
指数(es):
- 日期
- 线程