[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3FBA5BFD.40703@germinus.com>
Date: Tue, 18 Nov 2003 18:50:53 +0100
From: Javier Fernandez-Sanguino <jfernandez@...minus.com>
To: bugtraq@...urityfocus.com
Subject: Re: Vulnerability Disclosure Formats (was "Re: Funny article")
Steven M. Christey wrote:
> There are a couple proposals out there, but I don't think they've
> gotten as much attention as they deserve:
>
> Common Advisory Interchange Format
>
http://cert.uni-stuttgart.de/files/caif/requirements/split/requirements.html
>
>
> Advisory and Notification Markup Language (ANML)
> http://www.opensec.org/anml/
>
I would also add to the list the
EISPP Common Advisory Format Description”, (EISPP-D3-001-TR), version
1.2, 28 march 2003 http://www.eispp.org/commonformat.pdf
Even if this one is slightly biased towards CERTs it could be used by
vendors too.
Regards
Javier Fernandez-Sanguino
Powered by blists - more mailing lists