Thought on requirements
30 views
Skip to first unread message
Olle E Johansson
May 9, 2025, 2:52:42 AM5/9/25
to c...@owasp.org
Friends,
As you know I’ve been working on a document to describe the path forward. One important part is the requirements on a new global platform. What are your thoughts? Are the ones I have (together with man others) written enough or is an important principle missing?
Please read through the requirements and give me feedback. Note that these are high level requirements, not discussing selection of protocols or discussing if we’re going to code in EBCDIC or XML. :-)
https://docs.google.com/document/d/1u6yPlCla7SO6YuHakjvmcGtcEmHdp-NANaqpTDTA7Q0/edit?usp=share_link
Let’s discuss!
/O
As you know I’ve been working on a document to describe the path forward. One important part is the requirements on a new global platform. What are your thoughts? Are the ones I have (together with man others) written enough or is an important principle missing?
Please read through the requirements and give me feedback. Note that these are high level requirements, not discussing selection of protocols or discussing if we’re going to code in EBCDIC or XML. :-)
https://docs.google.com/document/d/1u6yPlCla7SO6YuHakjvmcGtcEmHdp-NANaqpTDTA7Q0/edit?usp=share_link
Let’s discuss!
/O
Josh Bressers
May 9, 2025, 8:52:23 AM5/9/25
to Olle E Johansson, c...@owasp.org
I love the idea, thanks Olle.
There are a lot of people chomping at the bit, and the clock is ticking (I'm operating under the assumption CVE as we know it will go away on March 16 2026, which is when the current contract option expires).
What's next?
--
Josh
--
--
Please also join the conversation on OWASP's Slack. https://owasp.org/slack/invite Join channel #cve-wg.
---
You received this message because you are subscribed to the Google Groups "CVE" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cve+uns...@owasp.org.
To view this discussion visit https://groups.google.com/a/owasp.org/d/msgid/cve/BEAC8A9D-ABC7-477F-97FE-9CE353CBA1FB%40owasp.org.
Olle E. Johansson
May 9, 2025, 9:48:18 AM5/9/25
to c...@owasp.org
Francesco Cipollone
May 9, 2025, 10:36:26 AM5/9/25
to Olle E Johansson, c...@owasp.org
Easier to comment and schedule a call?
my comment, i would define an architecture, but even tackling small things like can replication or model can be overwhelming
CPE , PURL and other i agree is an old model but consider a lot of CNA do not report
there are legal implications that MITRE had no problem being gov backed
Regards
Francesco Cipollone
CEO & Founder @ Phoenix Security
ACT Now on risk - Fix Vulnerabilities that matter most
--
--
Please also join the conversation on OWASP's Slack. https://owasp.org/slack/invite Join channel #cve-wg.
---
You received this message because you are subscribed to the Google Groups "CVE" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cve+uns...@owasp.org.
To view this discussion visit https://groups.google.com/a/owasp.org/d/msgid/cve/BEAC8A9D-ABC7-477F-97FE-9CE353CBA1FB%40owasp.org.
Reply all
Reply to author
Forward
0 new messages