OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Secu

OpenC2 command, take 3

    Posted 10-22-2024 16:45

    I've added the material discussed this morning: an OpenC2 command (currently section 5.16) and a Transfer Methods OV (currently section 5.16.1).

    Looking at other spec content and thinking about this morning's discussions, I think the underlying challenge is that communication via MQTT is currently unique in CACAO. All other methods effectively specify the endpoint of an instance of communication, whereas with MQTT the broker is an intermediary. The HTTP, Linux System, Network Address, and SSH CLI agent types all include an address (among other properties), but its meaning is different because it's where the command needs to end up rather than the mechanism for getting it there. I think that's fundamentally why we're wrestling with integrating OpenC2 over MQTT into the CACAO Spec.
    ------------------------------
    David Lemire, CISSP
    HII / National Security Agency
    OpenC2 TC Secretary
    david.lemire@hii-tsd.com
    ------------------------------