Well, the question is if it’s Enisa themselves that can change their scope of work or if they need new directives from the Comission or parliament to do that. It’s unclear to me (still trying to learn how the EU really works).
But starting a dialog with them would be great.
/O On 1 May 2025, at 08:47, Daniel Thompson-Yvetot via open-regulatory-compliance <open-regulatory-compliance@xxxxxxxxxxx> wrote:
I think it’s a good idea. Off list: (sorry, but )
Good plan. You need names at Enisa?
Hi all,
Following the CVE database defunding (and then refunding) and our CRA Monday on the topic earlier this week, there were suggestions that ORC should issue a statement encouraging ENISA to get more involved in CVE management. My understanding is that such a statement coming from the open source community and through a European-based entity could be impactful, in particular, in light of the ongoing consultation on the Cyber Security Act and its focus on ENISA.
Is there an appetite for creating such a statement? If so please let me know and I'll set something up.
Best,
--tobie
--- Tobie Langel Tech Lead ORC WG, Eclipse Foundation Principal, UnlockOpen
_______________________________________________open-regulatory-compliance mailing listopen-regulatory-compliance@xxxxxxxxxxxTo unsubscribe from this list, visit https://accounts.eclipse.org
_______________________________________________
open-regulatory-compliance mailing list
open-regulatory-compliance@xxxxxxxxxxx
To unsubscribe from this list, visit https://accounts.eclipse.org
_______________________________________________ open-regulatory-compliance mailing list open-regulatory-compliance@xxxxxxxxxxx To unsubscribe from this list, visit https://accounts.eclipse.org
|