RE: FW: Proposed Working group and workshop

I am interested as well. -Harold -----Original Message----- From: owner-cve-editorial-board-list@lists.mitre.org [mailto:owner-cve-editorial-board-list@lists.mitre.org] On Behalf Of Art Manion Sent: Friday, August 26, 2016 1:53 PM To: Landfield, Kent B ; cve-editorial-board-list  Subject: Re: FW: Proposed Working group and workshop On 2016-08-26 08:30, Landfield, Kent B wrote: > So what do we want CVE to look like in 3-5 years? How do we plan on > getting there? > > On the Board call today I suggested we create a working group to try > to address some of those questions. This is a working group as > identified in the Charter. Instead of waiting weeks to get started, I > suggested we create the WG as an ad-hoc working group until the > Charter is approved and then we can ‘officially anoint’ it. Sign me up. Does this WG include the full board yet :) ? On 2016-08-26 11:14, Williams, Ken wrote: > Comprehensive CVE coverage of ALL vulnerabilities is a worthwhile > goal > to consider in such a WG. Agree. On 2016-08-26 12:02, Kurt Seifried wrote: > Stupid Question but why are we being so stingy with CVEs? We should > be > handing them out like candy, and putting the "important" ones into > the > database (and accepting well formed database submissions from all). Agree. On 2016-08-26 08:30, Landfield, Kent B wrote: > So what do we want CVE to look like in 3-5 years? How do we plan on > getting there? Some caution here: 3-5 years out in internet time is, IMO, not predictable. I do think we can pick some direction/priorities, and make some design choices that should enable flexibility when the future arrives, but I'm not a fan of putting lots of effort into a 5 year plan we'll have to throw away in <2 years. Regards, - Art