Feature request: Add identifiers
0xdabbad00 opened this issue · 2 comments
We need a better way to reference these than by the titles I gave them.
CVE's are assigned roughly by order of when requests for them are submitted. Because this data set includes issues identified before the creation of this repo, we're going to have to assign these historically, with something like CSPI-2019-01, CSPI-2019-02, etc. where CSPI would mean "Cloud Service Provider Issue". This won't be entirely chronological because in the future people will point out past issues I missed, and also right now the "first" issue is https://github.com/SummitRoute/csp_security_mistakes#gcp-default-compute-account-is-project-editor but I don't know when that issue was first identified (and I've been hesitant to even include that specific issue as it seems more of a technical decision).
I need a better acronym. Maybe make some backronym out of "CRISPI" as that would be more memorable?
Does it make sense to include the CSP in the identifier as well?