Reserving CVE ID for future years beyond the next

CVEProject / cve-services

This repo contains the source for the CVE Services API.

Creative Commons Zero v1.0 Universal

144 stars 68 forks source link

Reserving CVE ID for future years beyond the next #112

Open athu-tran opened 4 years ago

athu-tran commented 4 years ago

This was brought up by @david-waltermire-nist on 9/22/2020

cristina479 commented 3 years ago

Why do we want to be able to reserve, for example, CVE IDs from 2023 when we are still in 2020? Just curious.

athu-tran commented 3 years ago

That's a good question @cristina479. We will need to bring that question you've asked again to a broader audience when this ticket is moved from the backlog to the development list. From the subgroup of the AWG that initially discussed these user stories, Fabio L. from Red Hat and Kent L. from McAfee stated that it doesn't make sense to reserve CVE IDs for a year beyond next year.