Anyone interested in helping with registration as CNA?
14 views
Skip to first unread message
Tatu Saloranta
Sep 5, 2023, 9:10:42 PM9/5/23
to jacks...@googlegroups.com
So: in order to have more control over filing of CVEs against Jackson
components, we (Jackson project) would need to register as CNA (CVE
Numbering Authority) for Jackson.
While the process is not particularly heavy or complicated:
https://forms.monday.com/forms/0ac7c73564ba6ce893f8b1a90cc4abbd?r=use1
but it's also not something to just do without due consideration, focus.
So I was wondering if anyone might be interested in driving this process?
I would be happy to help, and work on actual security reports (as I
have been so far).
But would prefer if someone else wanted to lead the effort in setting
up bit of scaffolding needed (2 landing pages, it sounds like).
-+ Tatu +-
components, we (Jackson project) would need to register as CNA (CVE
Numbering Authority) for Jackson.
While the process is not particularly heavy or complicated:
https://forms.monday.com/forms/0ac7c73564ba6ce893f8b1a90cc4abbd?r=use1
but it's also not something to just do without due consideration, focus.
So I was wondering if anyone might be interested in driving this process?
I would be happy to help, and work on actual security reports (as I
have been so far).
But would prefer if someone else wanted to lead the effort in setting
up bit of scaffolding needed (2 landing pages, it sounds like).
-+ Tatu +-
Joo Hyuk Kim (Vince)
Sep 12, 2023, 10:32:15 AM9/12/23
to jackson-dev
Since I have been investing consistent amount of time around Jackson, maybe I can be of help.
I will check out the form content over the weekend and see how I can help --either directly or indirectly.
Thanks,
JooHyukKim (Vince)
Tatu Saloranta
Sep 12, 2023, 12:53:26 PM9/12/23
to jacks...@googlegroups.com
On Tue, Sep 12, 2023 at 7:32 AM Joo Hyuk Kim (Vince)
<bean...@gmail.com> wrote:
>
> Since I have been investing consistent amount of time around Jackson, maybe I can be of help.
> I will check out the form content over the weekend and see how I can help --either directly or indirectly.
>
> Thanks,
> JooHyukKim (Vince)
Excellent, thank you!
<bean...@gmail.com> wrote:
>
> Since I have been investing consistent amount of time around Jackson, maybe I can be of help.
> I will check out the form content over the weekend and see how I can help --either directly or indirectly.
>
> Thanks,
> JooHyukKim (Vince)
-+ Tatu +-
>
> On Wednesday, September 6, 2023 at 10:10:42 AM UTC+9 Tatu Saloranta wrote:
>>
>> So: in order to have more control over filing of CVEs against Jackson
>> components, we (Jackson project) would need to register as CNA (CVE
>> Numbering Authority) for Jackson.
>> While the process is not particularly heavy or complicated:
>>
>> https://forms.monday.com/forms/0ac7c73564ba6ce893f8b1a90cc4abbd?r=use1
>>
>> but it's also not something to just do without due consideration, focus.
>>
>> So I was wondering if anyone might be interested in driving this process?
>> I would be happy to help, and work on actual security reports (as I
>> have been so far).
>> But would prefer if someone else wanted to lead the effort in setting
>> up bit of scaffolding needed (2 landing pages, it sounds like).
>>
>> -+ Tatu +-
>
> You received this message because you are subscribed to the Google Groups "jackson-dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to jackson-dev...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/jackson-dev/b7519b70-50c2-4881-8978-8ea095582f9cn%40googlegroups.com.
Joo Hyuk Kim
Sep 16, 2023, 11:09:46 AM9/16/23
to jacks...@googlegroups.com
Okay, I read the form itself then followed links for more information and looked around for references.
It seems like the process includes a bunch of decisions to make, so leading doesn't seem like something I can offer :-/
But I can help with doing things like building things, finding/providing information.
So based on the shared form (forms.monday.com), I think I can volunteer as secondary PoC?
Thanks,
Joo Hyuk
To view this discussion on the web visit https://groups.google.com/d/msgid/jackson-dev/CAL4a10gQJeZX8UyVwC9WL%3DkYZO7AhO%2BV5ZDpXtwkjwSL96yTEg%40mail.gmail.com.
Tatu Saloranta
Sep 18, 2023, 11:19:24 PM9/18/23
to jacks...@googlegroups.com
On Sat, Sep 16, 2023 at 8:09 AM Joo Hyuk Kim <bean...@gmail.com> wrote:
>
> Okay, I read the form itself then followed links for more information and looked around for references.
> It seems like the process includes a bunch of decisions to make, so leading doesn't seem like something I can offer :-/
I can help with decision-making part.
>
> Okay, I read the form itself then followed links for more information and looked around for references.
> It seems like the process includes a bunch of decisions to make, so leading doesn't seem like something I can offer :-/
> But I can help with doing things like building things, finding/providing information.
> So based on the shared form (forms.monday.com), I think I can volunteer as secondary PoC?
>
> Thanks,
> Joo Hyuk
I think we can continue figuring this out after the 2.16 release is
done (I need to communicate about my plans wrt that soon anyway).
-+ Tatu +-
Reply all
Reply to author
Forward
0 new messages