OASIS Cyber Threat Intelligence (CTI) TC

Happy New Year!   Thanks to everyone who voted on CSD05, it passed and the public review period is now complete. We received 3 comments during that time. The proposed comment resolution log is attached.   The comments included - a question about avoiding duplicates which was answered on the list (Thanks to Rich and Keven!) and requires no spec change - identification of an editorial problem with the Identity Class open vocabulary table (unspecified in the summary, unknown in the body) - request to add an optional pointer to a human readable comment about the extension   Are you willing to accept the resolution (accept) of the latter two since they are simple editorial fixes and clarifications? These changes are simple and straightforward enough that Bret nor I believe that a working group call is needed, but we wanted to make sure that you agree with the changes and are in agreement with this plan. Please let us know.   Thank you!   Emily Ratliff STSM, Security Architect IBM Security Attachment: comment-resolution-log-stix2.1CSD5PR01 .xlsx Description: Binary data

I fully support making these changes. Just to be clear, this will NOT require another CSD ballot and public review since these are non-material / editorial changes. So we can mint a new version and use the new version for the CS ballot. Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." On Thu, Jan 14, 2021 at 1:21 PM Emily Ratliff < Emily.Ratliff@ibm.com > wrote: Happy New Year! Thanks to everyone who voted on CSD05, it passed and the public review period is now complete. We received 3 comments during that time. The proposed comment resolution log is attached. The comments included - a question about avoiding duplicates which was answered on the list (Thanks to Rich and Keven!) and requires no spec change - identification of an editorial problem with the Identity Class open vocabulary table (unspecified in the summary, unknown in the body) - request to add an optional pointer to a human readable comment about the extension Are you willing to accept the resolution (accept) of the latter two since they are simple editorial fixes and clarifications? These changes are simple and straightforward enough that Bret nor I believe that a working group call is needed, but we wanted to make sure that you agree with the changes and are in agreement with this plan. Please let us know. Thank you! Emily Ratliff STSM, Security Architect IBM Security --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it. Attachment: smime.p7s Description: S/MIME Cryptographic Signature

I have not seen or heard anyone say anything else about this. So I move that the TC accept these changes and produce a new version of STIX 2.1 that includes these non-material changes that came in via public review and open a ballot to approve this new version with non-material changes as a Committee Specification (CS). Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg." On Thu, Jan 14, 2021 at 1:21 PM Emily Ratliff < Emily.Ratliff@ibm.com > wrote: Happy New Year! Thanks to everyone who voted on CSD05, it passed and the public review period is now complete. We received 3 comments during that time. The proposed comment resolution log is attached. The comments included - a question about avoiding duplicates which was answered on the list (Thanks to Rich and Keven!) and requires no spec change - identification of an editorial problem with the Identity Class open vocabulary table (unspecified in the summary, unknown in the body) - request to add an optional pointer to a human readable comment about the extension Are you willing to accept the resolution (accept) of the latter two since they are simple editorial fixes and clarifications? These changes are simple and straightforward enough that Bret nor I believe that a working group call is needed, but we wanted to make sure that you agree with the changes and are in agreement with this plan. Please let us know. Thank you! Emily Ratliff STSM, Security Architect IBM Security --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it. Attachment: smime.p7s Description: S/MIME Cryptographic Signature

I second this motion.   Thanks, Bret!   Emily Ratliff STSM, Security Architect IBM Security    
Original message ----- From: Bret Jordan <bret.jordan@broadcom.com> Sent by: <cti@lists.oasis-open.org> To: Emily Ratliff <Emily.Ratliff@ibm.com> Cc: OASIS CTI TC Discussion List <cti@lists.oasis-open.org> Subject: [EXTERNAL] Re: [cti] Comment Resolution Log for STIX 2.1 CSD 05 Date: Fri, Jan 15, 2021 11:17 AM   I have not seen or heard anyone say anything else about this.   So I move that the TC accept these changes and produce a new version of STIX 2.1 that includes these non-material changes that came in via public review and open a ballot to approve this new version with non-material changes as a Committee Specification (CS).    Thanks, Bret PGP Fingerprint:  63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   On Thu, Jan 14, 2021 at 1:21 PM Emily Ratliff < Emily.Ratliff@ibm.com > wrote: Happy New Year!   Thanks to everyone who voted on CSD05, it passed and the public review period is now complete. We received 3 comments during that time. The proposed comment resolution log is attached.   The comments included - a question about avoiding duplicates which was answered on the list (Thanks to Rich and Keven!) and requires no spec change - identification of an editorial problem with the Identity Class open vocabulary table (unspecified in the summary, unknown in the body) - request to add an optional pointer to a human readable comment about the extension   Are you willing to accept the resolution (accept) of the latter two since they are simple editorial fixes and clarifications? These changes are simple and straightforward enough that Bret nor I believe that a working group call is needed, but we wanted to make sure that you agree with the changes and are in agreement with this plan. Please let us know.   Thank you!   Emily Ratliff STSM, Security Architect IBM Security --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail.  Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.    

Bret: I second the motion. Jane Ginn On 1/15/2021 10:17 AM, Bret Jordan wrote: I have not seen or heard anyone say anything else about this. So I move that the TC accept these changes and produce a new version of STIX 2.1 that includes these non-material changes that came in via public review and open a ballot to approve this new version with non-material changes as a Committee Specification (CS). Thanks, Bret PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg. On Thu, Jan 14, 2021 at 1:21 PM Emily Ratliff < Emily.Ratliff@ibm.com > wrote: Happy New Year! Thanks to everyone who voted on CSD05, it passed and the public review period is now complete. We received 3 comments during that time. The proposed comment resolution log is attached. The comments included - a question about avoiding duplicates which was answered on the list (Thanks to Rich and Keven!) and requires no spec change - identification of an editorial problem with the Identity Class open vocabulary table (unspecified in the summary, unknown in the body) - request to add an optional pointer to a human readable comment about the extension Are you willing to accept the resolution (accept) of the latter two since they are simple editorial fixes and clarifications? These changes are simple and straightforward enough that Bret nor I believe that a working group call is needed, but we wanted to make sure that you agree with the changes and are in agreement with this plan. Please let us know. Thank you! Emily Ratliff STSM, Security Architect IBM Security --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it. -- ********************************** R. Jane Ginn, MSIA, MRP OASIS, CTI TC Secretary OASIS, TAC TC Secretary jg@ctin.us **********************************

On 15.01.2021 10:17:24, Bret Jordan wrote: > I have not seen or heard anyone say anything else about this. > > So I move that the TC accept these changes and produce a new version of > STIX 2.1 that includes these non-material changes that came in via public > review and open a ballot to approve this new version with non-material > changes as a Committee Specification (CS). > > Thanks, > Bret > PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 > "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can > not be unscrambled is an egg." > > I second this motion. -- Trey Darley Co-chair, OASIS CTI TC Systems and Security Architect, CERT.be -- Nullum magnum ingenium sine mixtura dementiae fuit. --Seneca -- CERT.be / Centre for Cyber Security Belgium Mail: trey.darley@cert.be GPG: CA5B 29E4 937E 151E 2550 6607 AE9A 7FF2 8000 0E4E Web: https://www.cert.be -- Under the authority of the Prime Minister rue de la Loi 16/Wetstraat 16, 1000 Brussels - Belgium Attachment: signature.asc Description: PGP signature