OASIS Cyber Threat Intelligence (CTI) TC

 View Only

GitHub Repos and Organizations (was: RE: [cti] Status of CTI OASIS Open Repositories)

  • 1.  GitHub Repos and Organizations (was: RE: [cti] Status of CTI OASIS Open Repositories)

    Posted 10-05-2016 20:57
    As far as I know, there is nothing keeping someone from creating their own repo outside of OASIS channels for content related to the TC's work. We (MITRE and DHS) chose to use OASIS open repositories in the hope that it would make others more willing to contribute to the work that we've been doing. Other organizations are of course free to make different decisions. It's possible that OASIS open repositories will seem "more official", but to the best of my knowledge the only actual distinction is that the former were "approved" by the TC and "maintained" by a TC member (the maintainer doesn't *need* to be a TC member, but I imagine in practice will usually be). I expect that the OASIS Staff, with admin rights to the "oasis-open" organization, will be responsive to decisions made by the TC (via ballots or approved during TC meetings) regarding the open repositories. But is important to distinguish the open repos from TC work products, to not include work products in the open repos (since there are different IPR considerations for each, among other policy concerns), and to combat any perception that the *content* in the open repos is supported by the TC in the same way that work products are. In serving as the maintainer of many of the open repos, my intent is to take burden off of the Chair and Co-Chairs, not to override decisions. Any decisions a maintainer could make do not impact TC work products. The TC can obviously add, remove, or change maintainers by ballot or during TC meetings, though I believe the intent is to not require that level of formality. In terms of URLs, it's easy to set up https://cti-tc.github.io/ to point to https://oasis-open.github.io/cti-documentation ). In fact, it already does (but there's no content at the latter URL, yet). >