CVE Board Meeting Agenda – 16 May 2018, 2:00 - 4:00 PM

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

CVE Board Meeting Agenda – 16 May 2018, 2:00 - 4:00 PM

Common Vulnerabilities & Exposures

CVE Board Meeting Agenda – 16 May 2018

2:00 – 2:20: Introductions, action items from the last meeting – Chris Coffin

  • Previous Action Item: The Amazon Alexa vulnerability discussion will be summarized in a post to the CVE Board email list (MITRE).
    • Status: Discussion initiated on Board list May 2. Vote on the issue expected following the Board meeting.
  • Previous Action Item: Development of the user stories will continue, and the briefing charts will be updated (MITRE).
    • Status: Work is in progress; presented updates in Strategic Planning Working Group on 14 May.
  • Previous Action Item: Email to the Board regarding the beginning of step 4 of the Charter update process (MITRE).
    • Status: Done.
  • Previous Action Item: Email to be sent to the CNA list regarding the establishment of the CNA Working Group after the CVE Charter has been approved (MITRE).
    • Status: Board Charter approved May 9; email to CNA email list TBD.
  • Previous Action Item: Jonathan Evans to contact JPCERT to determine their progress as a Root CNA, including who from JPCERT is going to work with the board on the ROOT CNA.
    • Status: Complete; to be discussed in the CNA Update.
  • Previous Action Item: Set a date for the review of the Automation Working Group Charters by the CVE Board.
    • Status: Not yet done.
  • Previous Action Item: MITRE will send an email to the Board to ask them for input regarding the value of assigning CVE IDs for older vulnerabilities or vulnerabilities that will never be patched.
    • Status: Not yet done.
  • Previous Action Item: MITRE will communicate with the CNAs about the tagging of reserved CVE IDs with the CNA name. The pros and cons of tagging or not tagging will also be included and CNAs will be encouraged to add their thoughts and concerns.
    • Status: Not yet done.

 

2:20 – 2:40: Working Groups 

·         Strategic Planning – Kent Landfield

·         Automation – Chris Johnson, Dave Waltermire

 

2:40 – 2:50: CNA Update

·         DWF – Kurt Seifried

·         MITRE – Jonathan Evans, Nick Caron

 

2:50 – 3:15: Process for handling unresponsive CNAs – Jonathan Evans, Nick Caron

3:15 – 3:30: Board Charter Update Discussion – Kent Landfield, Pascal Meunier, Chris Coffin

3:30 – 3:50: Open Discussion

3:50 4:00: Action items, wrap-up – Chris Coffin