ALPHA DRAFT
Software and procedure supporting the allocation of SHVI number (software and hardware vulnerability identifier) via a community portal.
Anyone can request a SHVI identifier as long as they register to the interface and validate their email address.
The request of an identifier is bound to a time limit publication where the requester need to renew the expiration period.
The requester must enter a title, a reference URL, CVSS when the security vulnerability is published. The information must be present for the publication.
Additional fields like description, CPE and cross-references values should be enter by the requester. The requester can also add his/her PGP key in order to verify the signature of security vulnerability documents.
SHVI-2016-<N>
where N is an incrementing numerical value.
shvi-allocation is an identifier allocation system supporting security researchers to uniquely identify software and hardware vulnerabilities. The shvi-allocation system doesn't store any information about the security vulnerability before that the requester decided to publish the vulnerability.