About CVE

Terminology
Documents
FAQs
CVE List

About CVE Identifiers
Obtain a CVE Identifier
Search CVE
Search NVD
CVE In Use

CVE Adoption
CVE-Compatible Products
NVD for CVE Fix Information
More . . .
News & Events

Calendar
Free Newsletter
Community

CVE Editorial Board
Sponsor
Contact Us

Search the Site

CVE Community

Editorial Board
Mail List & Meetings Archive
Roles, Tasks, & Qualifications
Adding New Members
Sponsor

CVE In Use

CVE Compatible Products and Services
More . . .

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Candidate numbering scheme

To: cve-review@linus.mitre.org
Subject: RE: Candidate numbering scheme
From: Craig Ozancin <cozancin@axent.com>
Date: Mon, 17 May 1999 12:36:05 -0400

All,

Having done some serious traveling last week I was somewhat brain dead when
I made my last posts.

I have given the candidate numbering scheme some thought.

1. We definitely need the candidate numbering scheme. It give the steering
committee a common reference to the vulnerability.

2. If these number are public, how will be get people to stop using them
when vulnerabilities are accepted and given a real CVE number. Once some
starts referring to a candidate number, they are likely to continue to refer
to that number even after the it receives a official CVE number.

3. If the vulnerability is not made public until an official CVE number is
assigned, we will miss out on the discussions/validations that an open
public forum will give us.

These are just my current thoughts. I think that the CVE is a great step in
the right direction. 

Craig Ozancin
AXENT Technologies

Follow-Ups:
- RE: Candidate numbering scheme
  - From: Gene Spafford <spaf@cs.purdue.edu>

Prev by Date: RE: Candidate numbering scheme
Next by Date: Tool Mapping Update
Prev by thread: RE: Candidate numbering scheme
Next by thread: RE: Candidate numbering scheme
Index(es):
- Date
- Thread

Page Last Updated: May 22, 2007