[open-regulatory-compliance] Should ORC issue a statement encouraging EN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[open-regulatory-compliance] Should ORC issue a statement encouraging ENISA to get more involved in CVE management?

From: Tobie Langel <tobie@xxxxxxxxxxxxxx>
Date: Thu, 1 May 2025 02:58:34 +0200
Delivered-to: open-regulatory-compliance@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/open-regulatory-compliance/>
List-help: <mailto:open-regulatory-compliance-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/open-regulatory-compliance>, <mailto:open-regulatory-compliance-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/open-regulatory-compliance>, <mailto:open-regulatory-compliance-request@eclipse.org?subject=unsubscribe>

Hi all,

Following the CVE database defunding (and then refunding) and our CRA Monday on the topic earlier this week, there were suggestions that ORC should issue a statement encouraging ENISA to get more involved in CVE management. My understanding is that such a statement coming from the open source community and through a European-based entity could be impactful, in particular, in light of the ongoing consultation on the Cyber Security Act and its focus on ENISA.

Is there an appetite for creating such a statement? If so please let me know and I'll set something up.

Best,

--tobie

---
Tobie Langel
Tech Lead ORC WG, Eclipse Foundation
Principal, UnlockOpen

Prev by Date: [open-regulatory-compliance] FAQ Task Force call on Friday
Next by Date: Re: [open-regulatory-compliance] Should ORC issue a statement encouraging ENISA to get more involved in CVE management?
Previous by thread: [open-regulatory-compliance] FAQ Task Force call on Friday
Next by thread: Re: [open-regulatory-compliance] Should ORC issue a statement encouraging ENISA to get more involved in CVE management?
Index(es):
- Date
- Thread

Breadcrumbs