I, Stefan Hagen, second the below motion.
On Wed, Apr 3, 2024, at 19:03, Thomas Schmidt via OASIS wrote:
> Dear colleagues, As discussed in the February meeting (2024-02-28) regarding issue #693 "CPE pattern" (github.com/oasis-tcs/csaf/pull/704): I...
> OASIS Common Security Advisory Framework (CSAF) TC <https: groups.oasis-open.org/communities/community-home/digestviewer?communitykey="dfd6f6ef-b478-4686-baed-018dc7d3f240">
>
> Post New Message <mailto:
oasis-csaf@connectedcommunity.org>
> Motion for #693 (2) <https: groups.oasis-open.org/discussion/motion-for-693-2#bm39d6a117-aeb7-4db0-abd7-ec7ee6b63396="">
> Reply to Group <mailto:
oasis_csaf_39d6a117-aeb7-4db0-abd7-ec7ee6b63396@connectedcommunity.org?subject=re: motion="" for="" #693="" (2)="">
> Reply to Sender via Email <mailto:
thomas.schmidt@bsi.bund.de?subject=re: motion="" for="" #693="" (2)="">
> Thomas Schmidt <https: groups.oasis-open.org/profile?userkey="b126b797-6554-4a1c-9f6f-018dcaa6cad5">
> Apr 3, 2024 1:03 PM
> Thomas Schmidt <https: groups.oasis-open.org/profile?userkey="b126b797-6554-4a1c-9f6f-018dcaa6cad5">
>
> Dear colleagues,
> As discussed in the February meeting (2024-02-28) regarding issue #693 "CPE pattern" (github.com/oasis-tcs/csaf/pull/704 <https: github.com/oasis-tcs/csaf/issues/693="">):
>
> I hereby submit the following motion and request that if seconded and no objection received per this list before one week has passed on 2024-04-10 20:00 UTC to automatically carry.
> The Chair usually states the result per mail to this list when the period has passed.
>
> I, Thomas Schmidt, move to not add an errata to CSAF 2.0 (as this would be IMHO a material change) regarding the issues but instead add an FAQ entry that acknowledges the issue and provides a fixed regex that implementations can use instead to fix the issue.
>
>
>
> Independent of the motion, the TC needs to decide how to deal with lax compliance and provide guidance for implementations.
>
>
>
> Best wishes,
> Thomas
>
> --
> Thomas Schmidt [...]
Original Message:
Sent: 4/3/2024 1:03:00 PM
From: Thomas Schmidt
Subject: Motion for #693 (2)
Dear colleagues,
As discussed in the February meeting (2024-02-28) regarding issue #693 "CPE pattern" (https://github.com/oasis-tcs/csaf/pull/704):
I hereby submit the following motion and request that if seconded and no objection received per this list before one week has passed on 2024-04-10 20:00 UTC to automatically carry.
The Chair usually states the result per mail to this list when the period has passed.
I, Thomas Schmidt, move to not add an errata to CSAF 2.0 (as this would be IMHO a material change) regarding the issues but instead add an FAQ entry that acknowledges the issue and provides a fixed regex that implementations can use instead to fix the issue.
Independent of the motion, the TC needs to decide how to deal with lax compliance and provide guidance for implementations.
Best wishes,
Thomas
--
Thomas Schmidt
------------------------------
Thomas Schmidt
Federal Office for Information Security (BSI) Germany
------------------------------
</https:></https:></https:></mailto:thomas.schmidt@bsi.bund.de?subject=re:></mailto:oasis_csaf_39d6a117-aeb7-4db0-abd7-ec7ee6b63396@connectedcommunity.org?subject=re:></https:></mailto:oasis-csaf@connectedcommunity.org></https:>