OASIS members and other interested parties,
OASIS and the Open Command and Control (OpenC2) TC are pleased to announce
that the first three specifications in the OpenC2 suite are now available
for public review and comment:
- Open Command and Control (OpenC2) Language Specification Version 1.0
- Open Command and Control (OpenC2) Profile for Stateless Packet Filtering
Version 1.0
- Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0
OpenC2 is a suite of specifications to achieve command and control of cyber
defense functions. These specifications include the OpenC2 Language
Specification, Actuator Profiles, and Transfer Specifications. The OpenC2
Language Specification and Actuator Profile(s) focus on the standard at the
producer and consumer of the command and response while the transfer
specifications focus on the protocols for their exchange.
- The OpenC2 Language Specification provides the semantics for the
essential elements of the language, the structure for commands and
responses, and the schema that defines the proper syntax for the language
elements that represents the command or response.
- OpenC2 Actuator Profiles specify the subset of the OpenC2 language
relevant in the context of specific actuator functions. Cyber defense
components may implement multiple actuator profiles. Actuator profiles
extend the language by defining specifiers that identify the actuator to
the required level of precision and may define command arguments for those
actuator functions. "OpenC2 Profile for Stateless Packet Filtering" is the
first OpenC2 Actuator Profile.
- OpenC2 Transfer Specifications utilize existing protocols and standards
to implement OpenC2 in specific environments. These standards are used for
communications and security functions beyond the scope of the OpenC2
language, such as message transfer encoding, authentication, and end-to-end
transport of OpenC2 messages. "Transfer of OpenC2 Messages via HTTPS" is
the first OpenC2 Transfer Specification.
Each specification would best be reviewed in the context of the overall
suite of companion specifications.
The documents and related files are available here:
Open Command and Control (OpenC2) Language Specification Version 1.0
Committee Specification Draft 07 / Public Review Draft 01
17 October 2018
Editable source in Markdown (Authoritative):
http://docs.oasis-open.org/openc2/oc2ls/v1.0/csprd01/oc2ls-v1.0-csprd01.mdHTML:
http://docs.oasis-open.org/openc2/oc2ls/v1.0/csprd01/oc2ls-v1.0-csprd01.htmlPDF:
http://docs.oasis-open.org/openc2/oc2ls/v1.0/csprd01/oc2ls-v1.0-csprd01.pdfJSON Schemas:
http://docs.oasis-open.org/openc2/oc2ls/v1.0/csprd01/schemas/Complete ZIP package of specification documents and related files:
http://docs.oasis-open.org/openc2/oc2ls/v1.0/csprd01/oc2ls-v1.0-csprd01.zip******
Open Command and Control (OpenC2) Profile for Stateless Packet Filtering
Version 1.0
Committee Specification Draft 04 / Public Review Draft 01
17 October 2018
Editable source in Markdown (Authoritative):
http://docs.oasis-open.org/openc2/oc2slpf/v1.0/csprd01/oc2slpf-v1.0-csprd01.mdHTML:
http://docs.oasis-open.org/openc2/oc2slpf/v1.0/csprd01/oc2slpf-v1.0-csprd01.htmlPDF:
http://docs.oasis-open.org/openc2/oc2slpf/v1.0/csprd01/oc2slpf-v1.0-csprd01.pdfJSON schemas:
http://docs.oasis-open.org/openc2/oc2slpf/v1.0/csprd01/schemas/Complete ZIP package of specification documents and related files:
http://docs.oasis-open.org/openc2/oc2slpf/v1.0/csprd01/oc2slpf-v1.0-csprd01.zip******
Specification for Transfer of OpenC2 Messages via HTTPS Version 1.0
Committee Specification Draft 03 / Public Review Draft 01
17 October 2018
Editable source in Markdown (Authoritative):
http://docs.oasis-open.org/openc2/open-impl-https/v1.0/csprd01/open-impl-https-v1.0-csprd01.mdHTML:
http://docs.oasis-open.org/openc2/open-impl-https/v1.0/csprd01/open-impl-https-v1.0-csprd01.htmlPDF:
http://docs.oasis-open.org/openc2/open-impl-https/v1.0/csprd01/open-impl-https-v1.0-csprd01.pdfComplete ZIP package of specification documents and any related files:
http://docs.oasis-open.org/openc2/open-impl-https/v1.0/csprd01/open-impl-https-v1.0-csprd01.zipHow to Provide Feedback
The TC requests reviewers reference their comments to the page and nearest
line numbers in the PDF versions.
OASIS and the OpenC2 TC value your feedback. We solicit input from
developers, users and others, whether OASIS members or not, for the sake of
improving the interoperability and quality of our technical work.
The public review starts 10 November at 00:00 UTC and ends 10 December at
23:59 UTC.
Comments may be submitted to the TC by any person through the use of the
OASIS TC Comment Facility which can be used by following the instructions
on the TC's "Send A Comment" page (
https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=openc2).The TC requests that reviewers reference their comments to the page and
nearest line numbers in the PDF versions.
Comments submitted by TC non-members for this work and for other work of
this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/openc2-comment/All comments submitted to OASIS are subject to the OASIS Feedback License,
which ensures that the feedback you provide carries the same obligations at
least as the obligations of the TC members. In connection with this public
review, we call your attention to the OASIS IPR Policy [1] applicable
especially [2] to the work of this Technical Committee. All members of the
TC should be familiar with this document, which may create obligations
regarding the disclosure and availability of a member's patent, copyright,
trademark and license rights that read on an approved OASIS specification.
OASIS invites any persons who know of any such claims to disclose these if
they may be essential to the implementation of the above specification, so
that notice of them may be posted to the notice page for this TC's work.
Additional information about the specifications and the OpenC2 TC can be
found at the TC's public home page:
https://www.oasis-open.org/committees/openc2/========== Additional references:
[1]
http://www.oasis-open.org/who/intellectualproperty.php[2]
http://www.oasis-open.org/committees/openc2/ipr.phphttps://www.oasis-open.org/policies-guidelines/ipr#Non-Assertion-ModeNon-Assertion Mode
--
Paul Knight <
paul.knight@oasis-open.org> - Tel: +1 781-883-1783
OASIS <https://www.oasis-open.org/> - Advancing open standards for the
information society - Document Process Analyst
<https://www.oasis-open.org/people/staff/paul-knight>