|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [COMPAT] Draft NIST Recommendation for CVE-Compatible Products
It's very nice to see the CVE come this far. Congratulations, Steve! >The draft NIST recommendation for the usage of CVE-compatible products >is available for commentary by February 18. > >See http://csrc.nist.gov/publications/drafts.html > > The draft NIST recommendation "Use of the CVE Vulnerability Naming > Scheme Within its Acquired Products and Information Technology > Security Procedures" advises agencies on the use of the Common > Vulnerability and Exposures (CVE) vulnerability naming scheme. It > recommends that agencies give substantial consideration to buying > products and services compatible with the CVE naming scheme. The > recommendation also advises agencies to periodically monitor their > systems for vulnerabilities listed in the CVE vulnerability naming > scheme. Agencies are also advised to use the CVE naming scheme in > their communications and descriptions of vulnerabilities. You are > invited to submit any comments you may have to both Peter Mell and > Timothy Grance at peter.mell@nist.gov and timothy.grance@nist.gov by > February 18, 2002. > > >- Steve -- Pascal Meunier, Ph.D., M.Sc. Assistant Research Scientist, CERIAS Purdue University
|
||||
