| ▲ | _verandaguy 7 days ago | |
Seconding this. A program like CVE still has to be built on (to some extent, and at least in the initial stages) traditional, non-cryptographic trust. Who runs this thing? Who's funding it? Who's reviewing, testing, and approving the reports? Assigning them IDs? I'm hoping for the best, and I'm willing to give the benefit of the doubt because of the frankly crap timing around this whole mess, but on its face, in its current state, I wouldn't trust this org at all. | ||
| ▲ | ForOldHack 7 days ago | parent [-] | |
It's a sad day when the CVE has to issue a CVE for the U.S. government. The meta... The meta ... | ||