CVE Board Meeting summary

Members of MITRE CVE Team in Attendance

Christine Deal

Jonathan Evans

Chris Levendis

3:55 – 4:00: Action items, wrap-up

04.1.04	Develop Non-responsiveness Policy to address CNA1 that continues to be unresponsive.	Jo Bazar (MITRE)	Due 8/19/20	8/5 Update: CNACWG recommended a two-week response time with no objections from the CVE Board. This timeframe will be incorporated into the Dispute/Escalation process. Jo B. will draft policy and send to SPWG for review and comment.
04.1.07	Formalize Council of Roots responsibilities in anticipation of new Roots joining the program	SPWG	On Hold	Assigned on 4/1/2020.
05.13.02	Take the lead for developing a proposal about approach for automated vulnerability identification workshop that includes an initial target participant list, and report back to next CVE Board Meeting.	Kent L.	In Progress	8/5 Update: Kent has meetings scheduled this week to discuss. Art M. offered resources to assist with this effort.
06.24.02	Schedule a meeting to discuss EOL and CNA Rules Postmortem, lessons learned, and opportunities moving forward.	Katie N.	In Progress	8/5 Update: EOL Doodle Poll sent on July 31, 2020. Meeting will likely be next Monday (8/10).
06.24.04	Send message to all the CVE Board members so see if they want to continue being on the CVE Board.	Chris L. (MITRE)	Complete	8/5 Update: CVE Board members have responded; 2 indicated they do not wish to continue to be on CVE Board, should these board members be listed as Emeritus status?
07.08.01	Draft language for CVE Board Charter around CVE Board voting timelines (1 week, 2 weeks, etc.)	Kent L.	Complete
07.08.02	Draft language for CVE Board Charter for CVE Board executive sessions.	Kent L.	Complete
07.08.03	Draft language that describes reasonable engagement for a CVE Board member	Chris L. (MITRE)	Complete
07.08.04	Draft CVE program press release for ICS Root becoming a root CNA.	Jo B. (MITRE)/Kent L.	Due 9/1/20	7/22 Update: Draft press release initiated.
07.08.05	Send EOL blog post to CVE Board for review and feedback.	Jo B. (MITRE)	Complete
07.22.01	Draft email to stimulate participation in the AWG and send to appropriate mailing lists.	Chris L. (MITRE)/Dave W.	In Progress	8/5/20 Update: Draft email initiated.
07.22.02	Send questions to Beverly to be included in the survey regarding CVE Board meeting times (e.g., what is a good meeting time for you? Are you amenable to alternating board meetings? Are you amenable to breaking out the meeting into two, one-hour meetings?	ALL	Complete	The groups agreed to host Wednesday, 9am – 10am – Open discussions; and 10am - 11am for status updates.
07.22.03	Develop metrics to track how quickly a new CNA publishes its first CVE record from the time it became a CNA.	Jonathan E. (MITRE)	In Progress	8/5 Update: Draft metrics developed and will be sent to the Board Private list for review.

Mark Cox suggested preparing the meeting minutes a week in advance so attendees can read updates ahead of time. Apache follows this model for their monthly board meetings. The meetings are 30 minutes in length and once a month. The group discussed having the meeting notes be taken real time, so CVE Board members can make edits to minutes during the meeting.

CVE Board membership topic is about expectations of CVE Board member participation, what is the required participation for an active CVE Board member? The group agreed the CVE Board needs more diversity and a variety of the skill sets, from a variety of groups. The group agreed to have this conversation on the CVE Board Private list.

Other discussions items:

§The CVE Board meeting recordings archives are in transition to a new platform. Once the new platform is ready, the board recordings will be readily available to CVE Board Members. Until then, to obtain a recording of a CVE Board Meeting, please reach out to Jo Bazar ().

CVE Board Meeting summary - 5 August 2020