Email or username:

Password:

Forgot your password?
All posts daniel://'s posts Post Back to profile
Top-level
Dylan :heart_nb:

@bagder can you see any path forward where maintainers who want to could have a bigger role in maintaining their CVE list? Has NIST or would NIST consider such a thing, or would we need a whole new platform? Is there already a better alternative we could start preferring?

25 Aug 2023 at 22:55 | Wall-to-wall | Open on tech.lgbt
2 comments
daniel:// stenberg://

@dbanty I'm not that familiar with all the processes and details to tell.People tend to tell me "you should become your own CNA" as if that makes things better, but I have no idea. And also seems like a complicated way as surely not everyone can be CNAs. This system clearly needs fixing though.

25 Aug 2023 at 22:58 | Open on mastodon.social
Jeremy Mill :oh_no_bubble: :verified:

@bagder @dbanty Hey Daniel, I've run a CNA before (for Puppet) and I would be happy to have a chat about the pros and cons and how it may help you with some of these

25 Aug 2023 at 23:23 | Open on infosec.exchange
Go Up