While it wasn't directly part of the discussion, this may be related:
https://github.com/CVEProject/automation-working-group/issues/116 https://github.com/CVEProject/cve-website/issues/1224 So keeping track of/logging all changes, but also adding owning_cna to the JSON, which requires some work on the services/backend. - Art On 2023-01-25 10:14, Lisa Olson wrote: > Someone can correct me if I’m wrong but the conversation, as I recall, was > around storing change history with regards to GDPR considerations. MITRE > lawyers are digging into the implications and Madison Oliver is also doing > some research on behalf of Github and GDPR. > > Lisa > > *From:* Tod Beardsley <tod_beards...@rapid7.com> > *Sent:* Tuesday, January 24, 2023 5:39 PM > *To:* Art Manion <zman...@protonmail.com> > *Cc:* Landfield, Kent <kent.landfi...@trellix.com>; CVE Program Secretariat > <cve-prog-secretar...@mitre.org>; CVE Editorial Board Discussion > <cve-editorial-board-list@mitre.org> > *Subject:* [EXTERNAL] Re: CVE Board Meeting Summary: January 18, 2023 > > I would expect so, Art. Is this a controversial issue? I assume there's some > context and nuance here. > > And yes, I'm fully prepared to take my absentee lumps, Kent. 8am Wednesdays > are no longer really great for me for calls (though it looks like I can join > on the bottom half pretty often). > > On Tue, Jan 24, 2023 at 3:58 PM Art Manion <zman...@protonmail.com > <mailto:zman...@protonmail.com>> wrote: > > On 2023-01-24 16:48, Kent Landfield wrote: > > > Reach out to the CNA community to gauge how important CVE Record > Change History is to them. > > Opinion: CVE Record change history should be fully public and > transparent. > > While partially a separate question, this could be provided through a git > repo of JSON files. > > - Art > > > NOTICE OF CONFIDENTIALITY: At Rapid7, the privacy of our customers, partners, > and employees is paramount. If you received this email in error, please > notify the sender and delete it from your inbox right away. Learn how Rapid7 > handles privacy at rapid7.com/privacy-policy > <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rapid7.com%2Fprivacy-policy%2F&data=05%7C01%7Celolson%40microsoft.com%7C413e2d62ceef4da0e60408dafe750bf5%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638102075930256490%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=0DPf%2Fwiu%2BVgdm5Hejq8%2FEIu8ySPke9UG1IVsCvdegQc%3D&reserved=0>. > To opt-out of Rapid7 marketing emails, please click here > <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Finformation.rapid7.com%2Fcommunication-preferences.html&data=05%7C01%7Celolson%40microsoft.com%7C413e2d62ceef4da0e60408dafe750bf5%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638102075930256490%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=aBOPWqomt%2Bq7knWrErTbPejHUPKeeI9gyW7piB%2BXjAk%3D&reserved=0> > or email priv...@rapid7.com <mailto:priv...@rapid7.com>. >
