|
02:35-03:55: Review of Action items (see attached excel file) See attached Excel spreadsheet for open action items from prior meetings (CVE Board Meeting 26May21– Agenda and Action items) § Strategic Planning Working Group – Kent Landfield §CVE Program currently supports three different formats for submitting CVE-related record information (flat file, CSV, JSON); CVE Program is moving towards CVE JSON version 5 (JSON5) §Consensus achieved that CVE Program will support the transition to one format while still supporting the CNAs that would like to continue to use non-JSON formats §SPWG sent an email to the CNAs about the impact of deprecating to one format; discussions are underway on the SPWG and CNA mailing lists oProfessional Code of Conduct policy approved by the CVE Board and published on the CVE Website ( https://cve.mitre.org/about/professional_code_of_conduct.html ) oWorking Group Guidelines document is currently being tech edited and will be distributed to the CVE Board for approval soon §The initial phase (Phase 1) will focus on cleaning up the document: ·Change program terms and definitions to align with recently published terms and definitions ·Other inconsistency changes ·Remove duplications ·Include better explanations §Kent Landfield and Art Rich are working on developing a draft for SPWG review and feedback §Operations/Maintenance ·There will be no downtime through May 26. However, there will be scheduled outages in June for the CVE Website dynamic functions to be disabled on June 14 for Website while CVE Services 1.1.0 is deployed. §Development/Deployment ·CVE Services 1.1.0 deployment is on schedule for June 14 – 15 ·CVE Website services requirements for Website 1.0.0 is completed §Reviewed new pull requests and issues for the JSON schema in preparation for the 5.0 release §Survey sent on May 19 to obtain feedback on the summit; 18 responses were received. §The group reviewed the feedback from the survey results. The Board agreed that day 2 content was better than day 1. The Board agreed guidance about topic content will need to be provided for the next Call for Papers. Unfortunately, a CNA used the opportunity to promote their product. §A small team of OCWG members are reviewing the community comments and providing recommendations for content changes in preparation for CVE Website Phase 1 deployment, scheduled June 2021 ·Topic: Engaging with CVE Services, Automation, and CNAs - an interview with Kris Britton (HSSEDI), David Waltermire (NIST) and Milind Kulkarni (NVIDIA). David will take the lead in driving the discussion ·Chandan has confirmed participation for this podcast, next steps scheduled production and recording meetings oThe Board reviewed the charter changes real time since no one was able to read the document. During the review process, additional changes were identified. The charter will be updated and distributed for another review. oMITRE Top-Level Root provided a status update: INCIBE is on schedule to be a Root by the end of June §The CVE Board meeting recording archives are in transition to a new platform. Once the new platform is ready, the Board recordings will be readily available to CVE Board Members. Until then, to obtain a recording of a CVE Board Meeting, please reach out to CVE Program Secretariat (). |