再保险:杜松添加到官方列表区域

坐,2016年4月23日,Landfield,肯特B写道::要明确....投票始终没有发生在过去。或:至少我记得。我认为没有理由现在就开始。然而,董事会投票决定每个CVE ID分配。事物是变化的。我主要关心的是CNA谁不遵循作业指导方针最终导致混乱和头痛那些监控报告。我们已经有用户和客户邮件询问CNA供应商分配指过去,所以它不仅仅是我们注意到。上个月,我的数量稳步增加邮件我发送供应商和研究者对CVE分配问题,有时每天发送多达5。如果我们能更好的避免这个问题,确保潜在CNA真正作为一个准备步骤,我们应该。 I don't get the feeling that most of the board monitors some of these vendors to the degree I do, so I don't want a rubberstamping discussion via phone to be the only thing stopping them from getting approved. : I agree official votes should be on the list for items we have : previously agreed to vote on but rough consensus on board calls is more : than enough for most other items. Everyone appears to agree on this so far, which I am happy to see. : I personally would not want to start voting on everything as that would : just slow the effort down greatly at a time when rapid improvements are : needed. No, but we also don't want the typical knee-jerk reaction the U.S. government is well-known for either (and MITRE demonstrated with that federated ID scheme change nonsense that wasn't discussed with the board). Taking an extra few days or even weeks to ensure a solution is appropriate benefits us more than rushing to a solution that will demand more fixes in the months to come.