|
Members of MITRE CVE Team in Attendance 3:55 – 4:00: Action items, wrap-up
§Podcast on relationship and differences between NIST NVD and CVE has been delayed; however, podcast topRCNA1 have been reprioritized to have the CNA Success stories podcast be first. §Euro and Asia meetings are taking off, with each meeting having at least two attendees. §Draft agenda for virtual CVE Global summit sent on June 24 to the CVE Board for review and feedback. §CNA Rules changes: Trivial rules changes do not need a vote; changes that impact the normal workflow of a CNA require a vote, with six month lead time for implementation. §The next CNACWG meetings are July 1 and 2. US and Euro meetings will be held on July 1 and Asia meeting will be held on July 2. –There are 3 tag types: Container tags, reference tags and tags that appear in descriptions. –QWG will host a tag proposal meeting and serve as a gatekeeper; recommendations will be presented to the CVE board. §Suggestion was made for another mailing list that includes all CVE Board members and CNAs, ADPS, etc., to make getting feedback from the community easier. §CVE Definition list is underway. Dave and Katie have taken the lead with reviewing and editing the document. §SPWG charter was approved and was posted to the CVE website on June 15. §110 in total CNA pipeline: 15 in Q3'19; 16 in Q4’19; 23 in Q1’20 and 20 in Q2’20 – CNAs missing disclosure policies and/or advisory locations (as required based on CNA rules 3.0) §We have emailed the 20 CNAs with missing disclosures policies and/or advisory locations; we have received the requested information from 13 CNAs, and 7 remain outstanding.
Other discussions items: |