Regarding USCYBERCOM

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Regarding USCYBERCOM

Kurt Seifried
http://www.reuters.com/article/us-usa-cyber-idUSKCN10G254

I'm guessing we want to have them on the board, do we have anyone there we can reach out to? 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Regarding USCYBERCOM

Millar, Thomas
I can reach out



Tom Millar, US-CERT

Sent from +1-202-631-1915
https://www.us-cert.gov
 

From: [hidden email] on behalf of Kurt Seifried
Sent: Wednesday, August 10, 2016 6:39:15 PM
To: cve-editorial-board-list
Subject: Regarding USCYBERCOM

http://www.reuters.com/article/us-usa-cyber-idUSKCN10G254

I'm guessing we want to have them on the board, do we have anyone there we can reach out to? 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Regarding USCYBERCOM

Landfield, Kent B
Can we talk about this before we anoint someone?

Personally I do not believe we should be adding board members based on news articles. Let's see how it goes first and then if it makes sense, do it. 

What would be the international repercussions by doing this? We want CVE as a global vulnerability identification means, not just a US one. 

At this point we have not had the preliminary discussions to tie ourselves to aa org such as this. Let's have those first...

Kent Landfield
Intel Corporation 
+1.817.637.8026 

On Aug 10, 2016, at 1:18 PM, Millar, Thomas <[hidden email]> wrote:

I can reach out



Tom Millar, US-CERT

Sent from +1-202-631-1915
https://www.us-cert.gov
 

From: [hidden email] on behalf of Kurt Seifried
Sent: Wednesday, August 10, 2016 6:39:15 PM
To: cve-editorial-board-list
Subject: Regarding USCYBERCOM

http://www.reuters.com/article/us-usa-cyber-idUSKCN10G254

I'm guessing we want to have them on the board, do we have anyone there we can reach out to? 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Regarding USCYBERCOM

Kurt Seifried


On Wed, Aug 10, 2016 at 12:26 PM, Landfield, Kent B <[hidden email]> wrote:
Can we talk about this before we anoint someone?

Personally I do not believe we should be adding board members based on news articles. Let's see how it goes first and then if it makes sense, do it. 

What would be the international repercussions by doing this? We want CVE as a global vulnerability identification means, not just a US one. 

At this point we have not had the preliminary discussions to tie ourselves to aa org such as this. Let's have those first...

My personal take: the US DoD is a HUGE consumer of CVE and related standards (witness NVD, SCAP, STIG, etc.). I'd at least like to get someone on USCYBERCOMs end as a liaison/communications channel (something not always easy to do with the DoD).  
 

Kent Landfield
Intel Corporation 
<a href="tel:%2B1.817.637.8026" value="+18176378026" target="_blank">+1.817.637.8026 



--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: Regarding USCYBERCOM

Millar, Thomas
In reply to this post by Landfield, Kent B
I'm not anointing anyone, I'm just going to find out who to talk to, via our liaisons with them.

IME, If it's anything like every other vulnerability-related item with DoD, they will be super happy to let DHS continue as their trustee.



Tom Millar, US-CERT

Sent from +1-202-631-1915
https://www.us-cert.gov
 

From: Landfield, Kent B
Sent: Wednesday, August 10, 2016 7:26:06 PM
To: Millar, Thomas
Cc: Kurt Seifried; cve-editorial-board-list
Subject: Re: Regarding USCYBERCOM

Can we talk about this before we anoint someone?

Personally I do not believe we should be adding board members based on news articles. Let's see how it goes first and then if it makes sense, do it. 

What would be the international repercussions by doing this? We want CVE as a global vulnerability identification means, not just a US one. 

At this point we have not had the preliminary discussions to tie ourselves to aa org such as this. Let's have those first...

Kent Landfield
Intel Corporation 
+1.817.637.8026 

On Aug 10, 2016, at 1:18 PM, Millar, Thomas <[hidden email]> wrote:

I can reach out



Tom Millar, US-CERT

Sent from +1-202-631-1915
https://www.us-cert.gov
 

From: [hidden email] on behalf of Kurt Seifried
Sent: Wednesday, August 10, 2016 6:39:15 PM
To: cve-editorial-board-list
Subject: Regarding USCYBERCOM

http://www.reuters.com/article/us-usa-cyber-idUSKCN10G254

I'm guessing we want to have them on the board, do we have anyone there we can reach out to? 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Regarding USCYBERCOM

Kurt Seifried
I honestly have no idea how the US gov works (or my own gov, or really any gov for that matter). If USCYBERCOM is happy to have DHS represent them on the CVE Board that's fine by me. I was just assuming they may want to take an active role.

On Wed, Aug 10, 2016 at 12:39 PM, Millar, Thomas <[hidden email]> wrote:
I'm not anointing anyone, I'm just going to find out who to talk to, via our liaisons with them.

IME, If it's anything like every other vulnerability-related item with DoD, they will be super happy to let DHS continue as their trustee.



Tom Millar, US-CERT

Sent from <a href="tel:%2B1-202-631-1915" value="+12026311915" target="_blank">+1-202-631-1915
https://www.us-cert.gov
 

From: Landfield, Kent B
Sent: Wednesday, August 10, 2016 7:26:06 PM
To: Millar, Thomas
Cc: Kurt Seifried; cve-editorial-board-list
Subject: Re: Regarding USCYBERCOM

Can we talk about this before we anoint someone?

Personally I do not believe we should be adding board members based on news articles. Let's see how it goes first and then if it makes sense, do it. 

What would be the international repercussions by doing this? We want CVE as a global vulnerability identification means, not just a US one. 

At this point we have not had the preliminary discussions to tie ourselves to aa org such as this. Let's have those first...

Kent Landfield
Intel Corporation 
<a href="tel:%2B1.817.637.8026" value="+18176378026" target="_blank">+1.817.637.8026 

On Aug 10, 2016, at 1:18 PM, Millar, Thomas <[hidden email]> wrote:

I can reach out



Tom Millar, US-CERT

Sent from <a href="tel:%2B1-202-631-1915" value="+12026311915" target="_blank">+1-202-631-1915
https://www.us-cert.gov
 

From: [hidden email] on behalf of Kurt Seifried
Sent: Wednesday, August 10, 2016 6:39:15 PM
To: cve-editorial-board-list
Subject: Regarding USCYBERCOM

http://www.reuters.com/article/us-usa-cyber-idUSKCN10G254

I'm guessing we want to have them on the board, do we have anyone there we can reach out to? 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]



--

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Regarding USCYBERCOM

Scott Lawler

CYBERCOM will surely NOT want DHS to represent them.    They are entirely different organizations with different missions and focus areas.    Reps from both would be a good idea. 

 

Thank you,  

Scott

703-509-9330

 

 

From: <[hidden email]> on behalf of Kurt Seifried <[hidden email]>
Date: Wednesday, August 10, 2016 at 11:54 PM
To: "Millar, Thomas" <[hidden email]>
Cc: "Landfield, Kent B" <[hidden email]>, cve-editorial-board-list <[hidden email]>
Subject: Re: Regarding USCYBERCOM

 

I honestly have no idea how the US gov works (or my own gov, or really any gov for that matter). If USCYBERCOM is happy to have DHS represent them on the CVE Board that's fine by me. I was just assuming they may want to take an active role.

 

On Wed, Aug 10, 2016 at 12:39 PM, Millar, Thomas <[hidden email]> wrote:

I'm not anointing anyone, I'm just going to find out who to talk to, via our liaisons with them.

IME, If it's anything like every other vulnerability-related item with DoD, they will be super happy to let DHS continue as their trustee.



Tom Millar, US-CERT

Sent from <a href="tel:%2B1-202-631-1915" target="_blank">+1-202-631-1915
https://www.us-cert.gov

 


From: Landfield, Kent B
Sent: Wednesday, August 10, 2016 7:26:06 PM
To: Millar, Thomas
Cc: Kurt Seifried; cve-editorial-board-list
Subject: Re: Regarding USCYBERCOM

 

Can we talk about this before we anoint someone?

 

Personally I do not believe we should be adding board members based on news articles. Let's see how it goes first and then if it makes sense, do it. 

 

What would be the international repercussions by doing this? We want CVE as a global vulnerability identification means, not just a US one. 

 

At this point we have not had the preliminary discussions to tie ourselves to aa org such as this. Let's have those first...

Kent Landfield

Intel Corporation 

<a href="tel:%2B1.817.637.8026" target="_blank">+1.817.637.8026 


On Aug 10, 2016, at 1:18 PM, Millar, Thomas <[hidden email]> wrote:

I can reach out



Tom Millar, US-CERT

Sent from <a href="tel:%2B1-202-631-1915" target="_blank">+1-202-631-1915
https://www.us-cert.gov

 


From: [hidden email] on behalf of Kurt Seifried
Sent: Wednesday, August 10, 2016 6:39:15 PM
To: cve-editorial-board-list
Subject: Regarding USCYBERCOM

http://www.reuters.com/article/us-usa-cyber-idUSKCN10G254

 

I'm guessing we want to have them on the board, do we have anyone there we can reach out to? 

 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: 
[hidden email]



 

--

 

--
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: 
[hidden email]