：RE：拟议的工作组和研讨会

[：“兰德菲尔德，肯特·B” <kent.b.landfield@intel.com>]

艺术写道：这里有一些警告：IMO在Internet时期3  -  5年是不可预测的。我确实认为我们可以选择一些指导/优先事项，并做出一些设计选择，这些选择应该在未来时能够灵活地发挥作用，但是我不喜欢将大量精力投入5年计划，我们必须抛弃<2年。我不能同意……。---肯特·兰德菲尔德（Kent Landfield）+1.817.637.8026在8/26/16，12：52 pm，“ Art Manion” 写道：2016-08-26 08-26 08:30，肯特·B，肯特·B（Landfield），B写作：>那么，我们希望CVE在3  -  5年内看起来像什么？我们如何计划>到达那里？>>今天，我建议我们创建一个工作组来尝试解决其中一些问题。这是宪章中确定的工作组。我建议我们将WG创建为一个临时工作组，而不是等待数周才能开始，直到被批准为止，然后我们就可以“正式涂抹”它。 Sign me up. Does this WG include the full board yet :) ? On 2016-08-26 11:14, Williams, Ken wrote: > Comprehensive CVE coverage of ALL vulnerabilities is a worthwhile > goal to consider in such a WG. Agree. On 2016-08-26 12:02, Kurt Seifried wrote: > Stupid Question but why are we being so stingy with CVEs? We should > be handing them out like candy, and putting the "important" ones into > the database (and accepting well formed database submissions from > all). Agree. On 2016-08-26 08:30, Landfield, Kent B wrote: > So what do we want CVE to look like in 3-5 years? How do we plan on > getting there? Some caution here: 3-5 years out in internet time is, IMO, not predictable. I do think we can pick some direction/priorities, and make some design choices that should enable flexibility when the future arrives, but I'm not a fan of putting lots of effort into a 5 year plan we'll have to throw away in <2 years. Regards, - Art