OASIS Cyber Threat Intelligence (CTI) TC

I propose the creation of three subcommittees to start with: STIX TAXII CYBOX Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   Attachment: signature.asc Description: Message signed with OpenPGP using GPGMail

I am going to actually change my proposal... :)  I propose we create the following working groups, and make the working groups tied to work products..  This way we do not cross mix work.   STIX 1.3 (the OASIS version of STIX 1.2) TAXII 1.2 (the OASIS version of TAXII 1.1) CYBOX 2.2 (the OASIS version of CYBOX 2.1) STIX 2.0 TAXII 2.0 CTI-OUTREACH Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   On Jun 18, 2015, at 12:36, Bret Jordan < bret.jordan@bluecoat.com > wrote: I propose the creation of three subcommittees to start with: STIX TAXII CYBOX Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   Attachment: signature.asc Description: Message signed with OpenPGP using GPGMail

...and what of a subcommittee to effect the means for global ISAO discovery? On 2015-06-18 2:59 PM, Jordan, Bret wrote: I am going to actually change my proposal... :)  I propose we create the following working groups, and make the working groups tied to work products..  This way we do not cross mix work.   STIX 1.3 (the OASIS version of STIX 1.2) TAXII 1.2 (the OASIS version of TAXII 1.1) CYBOX 2.2 (the OASIS version of CYBOX 2.1) STIX 2.0 TAXII 2.0 CTI-OUTREACH Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   On Jun 18, 2015, at 12:36, Bret Jordan < bret.jordan@bluecoat.com > wrote: I propose the creation of three subcommittees to start with: STIX TAXII CYBOX Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   -- ________________________________ Anthony Michael Rutkowski EVP, Industry Standards & Regulatory Affairs tony@yaanatech.com +1 703 999 8270 ________________________________ Yaana Technologies LLC 542 Gibraltar Drive Milpitas CA 95035 USA

Before the list is overwhelmed with subcommittee talk, could we perhaps setup a polling facility somewhere that folks could review existing suggestions, suggest a new subcommittee, and vote to accept/reject/abstain?   I think it would be more productive than parsing email towards the same outcome.   From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Tony Rutkowski Sent: June 18, 2015 15:01 To: Jordan, Bret; cti@lists.oasis-open.org Subject: Re: [cti] Re: Subcommittees   ...and what of a subcommittee to effect the means for global ISAO discovery? On 2015-06-18 2:59 PM, Jordan, Bret wrote: I am going to actually change my proposal... :)    I propose we create the following working groups, and make the working groups tied to work products..  This way we do not cross mix work.       STIX 1.3 (the OASIS version of STIX 1.2) TAXII 1.2 (the OASIS version of TAXII 1.1) CYBOX 2.2 (the OASIS version of CYBOX 2.1) STIX 2.0 TAXII 2.0 CTI-OUTREACH     Thanks,   Bret       Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."    On Jun 18, 2015, at 12:36, Bret Jordan < bret.jordan@bluecoat.com > wrote:   I propose the creation of three subcommittees to start with:   STIX TAXII CYBOX       Thanks,   Bret       Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."        -- ________________________________ Anthony Michael Rutkowski EVP, Industry Standards & Regulatory Affairs tony@yaanatech.com +1 703 999 8270 ________________________________ Yaana Technologies LLC 542 Gibraltar Drive Milpitas CA 95035 USA Attachment: smime.p7s Description: S/MIME cryptographic signature

Greg: Good idea.. A self-serving way we could do this would be to set up Threads and have each Member and Observer add their nominations/ comments on the specific Thread. Jane Sent by MailWise – See your emails as clean, short chats.
Original Message -------- From: Greg Reaume <Greg.Reaume@telus.com> Sent: Thursday, June 18, 2015 12:12 PM To: cti@lists.oasis-open.org Subject: RE: [cti] Re: Subcommittees Before the list is overwhelmed with subcommittee talk, could we perhaps setup a polling facility somewhere that folks could review existing suggestions, suggest a new subcommittee, and vote to accept/reject/abstain?   I think it would be more productive than parsing email towards the same outcome.   From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Tony Rutkowski Sent: June 18, 2015 15:01 To: Jordan, Bret; cti@lists.oasis-open.org Subject: Re: [cti] Re: Subcommittees   ...and what of a subcommittee to effect the means for global ISAO discovery? On 2015-06-18 2:59 PM, Jordan, Bret wrote: I am going to actually change my proposal... :)    I propose we create the following working groups, and make the working groups tied to work products..  This way we do not cross mix work.       STIX 1.3 (the OASIS version of STIX 1.2) TAXII 1.2 (the OASIS version of TAXII 1.1) CYBOX 2.2 (the OASIS version of CYBOX 2.1) STIX 2.0 TAXII 2.0 CTI-OUTREACH     Thanks,   Bret       Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."    On Jun 18, 2015, at 12:36, Bret Jordan < bret.jordan@bluecoat.com > wrote:   I propose the creation of three subcommittees to start with:   STIX TAXII CYBOX       Thanks,   Bret       Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."        -- ________________________________ Anthony Michael Rutkowski EVP, Industry Standards & Regulatory Affairs tony@yaanatech.com +1 703 999 8270 ________________________________ Yaana Technologies LLC 542 Gibraltar Drive Milpitas CA 95035 USA

That could be very useful.  Why not write up a simple statement of what that subcommittee would look like.  I think the ones I listed below are pretty self explanatory.  The CTI-OUTREACH is from Joep's suggestion.   Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   On Jun 18, 2015, at 13:01, Tony Rutkowski < tony@yaanatech.com > wrote: ...and what of a subcommittee to effect the means for global ISAO discovery? On 2015-06-18 2:59 PM, Jordan, Bret wrote: I am going to actually change my proposal... :)  I propose we create the following working groups, and make the working groups tied to work products..  This way we do not cross mix work.   STIX 1.3 (the OASIS version of STIX 1.2) TAXII 1.2 (the OASIS version of TAXII 1.1) CYBOX 2.2 (the OASIS version of CYBOX 2.1) STIX 2.0 TAXII 2.0 CTI-OUTREACH Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   On Jun 18, 2015, at 12:36, Bret Jordan < bret.jordan@bluecoat.com > wrote: I propose the creation of three subcommittees to start with: STIX TAXII CYBOX Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg.   -- ________________________________ Anthony Michael Rutkowski EVP, Industry Standards & Regulatory Affairs tony@yaanatech.com +1 703 999 8270 ________________________________ Yaana Technologies LLC 542 Gibraltar Drive Milpitas CA 95035 USA Attachment: signature.asc Description: Message signed with OpenPGP using GPGMail

If you are going to have a STIX 2.0, presumably it will evolve from 1.2 – ditto TAXII and CYBOX. I don’t see the utility of discrete SCs for the different versions – on the contrary I can imagine many problems with this approach Peter   Peter F Brown Independent Consultant CIPT ”Using Information Technologies to Empower and Transform” 200 S Barrington Ave., #49719 Los Angeles , CA 90049, USA Tel: +1.310.694.2278 www.PeterFBrown.com       From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org] On Behalf Of Jordan, Bret Sent: 18 June, 2015 11:59 To: cti@lists.oasis-open.org Subject: [cti] Re: Subcommittees   I am going to actually change my proposal... :)    I propose we create the following working groups, and make the working groups tied to work products..  This way we do not cross mix work.       STIX 1.3 (the OASIS version of STIX 1.2) TAXII 1.2 (the OASIS version of TAXII 1.1) CYBOX 2.2 (the OASIS version of CYBOX 2.1) STIX 2.0 TAXII 2.0 CTI-OUTREACH     Thanks,   Bret       Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."    On Jun 18, 2015, at 12:36, Bret Jordan < bret.jordan@bluecoat.com > wrote:   I propose the creation of three subcommittees to start with:   STIX TAXII CYBOX       Thanks,   Bret       Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 62A6 5999 0F7D 0D61 4C66 D59C 2DB5 111D 63BC A303 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."