Update acks page (#1037)

Author: ahouseholder

docs/about/acknowledgements.md

@@ -1,25 +1,55 @@
 # Acknowledgements
 
-The authors would first like to acknowledge the valuable contributions of previous authors who have worked on earlier versions
-of this report: Art Manion, Madison Oliver, and Deana Shick.
+The SSVC team would first like to acknowledge the valuable contributions of
+previous authors who have worked on earlier versions of SSVC: Eric Hatleback,
+Bon Jin Koo, Art Manion, Madison Oliver, Deana Shick, and Jonathan Spring.
 
-The authors thank the [contributors](https://github.com/CERTCC/SSVC/graphs/contributors) to the
-[SSVC project](https://github.com/CERTCC/SSVC) on Github as well as the following individuals for helpful comments on
-prior drafts (listed in alphabetical order):
+SSVC began as a series of papers before we created this site. Earlier versions
+were written by:  
+[1] J. M. Spring, E. Hatleback, A. D. Householder, A. Manion, and D. Shick,
+"Towards Improving CVSS," Software Engineering Institute, Carnegie Mellon
+University, Dec. 2018. [Online]. Available: [https://github.com/CERTCC/SSVC/blob/main/pdfs/2018_019_001_538372.pdf](https://github.com/CERTCC/SSVC/blob/main/pdfs/2018_019_001_538372.pdf)  
+[2] J. M. Spring, E. Hatleback, A. D. Householder, A. Manion, and D. Shick,
+"Prioritizing Vulnerability Response: a Stakeholder-Specific Vulnerability
+Categorization," Software Engineering Institute, Carnegie Mellon University,
+Nov. 2019. [Online]. Available: [https://github.com/CERTCC/SSVC/blob/main/pdfs/2019_019_001_636391.pdf](https://github.com/CERTCC/SSVC/blob/main/pdfs/2019_019_001_636391.pdf)  
+[3] J. M. Spring, E. Hatleback, A. D. Householder, A. Manion, and D. Shick,
+"Prioritizing Vulnerability Response: a Stakeholder-Specific Vulnerability
+Categorization (Version 1.1)," Software Engineering Institute, Carnegie Mellon
+University, Dec. 2020. [Online]. Available: [https://github.com/CERTCC/SSVC/blob/main/pdfs/weis20-final6.pdf](https://github.com/CERTCC/SSVC/blob/main/pdfs/weis20-final6.pdf)  
+[4] J. M. Spring, A. D. Householder, E. Hatleback, A. Manion, M. Oliver,
+V. Sarvepalli, L. Tyzenhaus, and C. Yarbrough,
+"Prioritizing Vulnerability Response: a Stakeholder-Specific Vulnerability
+Categorization (Version 2.0)," Software Engineering Institute, Carnegie Mellon
+University, Apr. 2021. [Online]. Available: [https://github.com/CERTCC/SSVC/blob/main/pdfs/2021_019_001_653461.pdf](https://github.com/CERTCC/SSVC/blob/main/pdfs/2021_019_001_653461.pdf)  
+[5] J. M. Spring, E. Hatleback, A. D. Householder, V. Sarvepalli, L. Tyzenhaus,
+and C. Yarbrough, "Prioritizing Vulnerability Response: a Stakeholder-Specific
+Vulnerability Categorization (SSVC) version 2.1.0-edb6c97," Software
+Engineering Institute, Carnegie Mellon University, Sep. 2023. [Online].
+Available: [https://github.com/CERTCC/SSVC/blob/main/pdfs/ssvc_2_1_draft.pdf](https://github.com/CERTCC/SSVC/blob/main/pdfs/ssvc_2_1_draft.pdf)  
+
+The SSVC team thanks the [contributors](https://github.com/CERTCC/SSVC/graphs/contributors)
+to the [SSVC project](https://github.com/CERTCC/SSVC) on GitHub as well as the
+following individuals for helpful comments on earlier versions (listed in
+alphabetical order):
 Muhammad Akbar,
 Will Dormann,
 Manish Gaur,
 Ralph Langer,
-David Oxley
+David Oxley,
 Dale Peterson,
+Bernhard Reiter,
+Thomas Schmidt,
 Jeroen van der Ham,
 Michel van Eeten,
 and Sounil Yu.
 
-The authors also thank those others too numerous to name individually who provided comments and feedback, including:
+The SSVC team also thanks those others too numerous to name individually who
+provided comments and feedback, including:
 Attendees at S4, Miami FL 2020;
 Attendees at A Conference on Defense (ACoD), Austin TX 2020;
 Anonymous WEIS reviewers;
 Various staff members and analysts at CERT/CC, CISA, McAfee, and VMWare;
 FIRST CVSS SIG and EPSS SIG members;
+OASIS CSAF TC;
 and others who wish to remain anonymous.