RE: CVE ID Syntax Change and Options
Most/all of our tools and software can already handle modified CVE identifiers. Our preference would be either one or two leading zeros.
Thanks and regards,
Ken Williams, Director
CA Technologies Product Vulnerability Response Team
CA Technologies Business Unit Operations
email@example.com - 816-914-4225
From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of Mark J Cox
Sent: Wednesday, November 07, 2012 3:31 AM
To: 'Christey, Steven M.'
Cc: 'cve-editorial-board-list (firstname.lastname@example.org)'
Subject: RE: CVE ID Syntax Change and Options
We've written most of our tools to handle CVE-\d+-\d+ already, so "extra
digits" is our preferred option, and out of those a preference would be a
fixed number of digits with leading 0s to reduce c&p errors.
Mark J Cox / Senior Director, Security Engineering, Red Hat