Has the idea been floated for something akin to "provisional" objects? It would be nice to be able to reference objects that have been discussed by stakeholders but not been formally ratified in the community. A lot of these objects that are not important enough to hold up Cybox 3.0, we may have some form of provisional proposal that people could make use of. I am thinking similar to how web standards work. Frequently (in fact, almost always), web browser vendors reference and implement provisional specifications, for months and sometimes for years before they are ratified. Once they are ratified, they make the needed changes in their basal implementations to use the officially blessed behaviours. - Jason Keirstead STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security www.securityintelligence.com Without data, all you are is just another person with an opinion - Unknown "Kirillov, Ivan A." ---01/29/2016 04:47:06 PM---Yup – as Sean mentioned, we’d like to talk about the Object selection approach for CybOX 3.0. For th From: "Kirillov, Ivan A." <
ikirillov@mitre.org> To: "Barnum, Sean D." <
sbarnum@mitre.org>, "Jordan, Bret" <
bret.jordan@bluecoat.com>, "cti@lists.oasis-open.org" <
cti@lists.oasis-open.org> Date: 01/29/2016 04:47 PM Subject: Re: [cti] Next weeks working call Sent by: <
cti@lists.oasis-open.org> Yup – as Sean mentioned, we’d like to talk about the Object selection approach for CybOX 3.0. For those interested in some prior reading, here’s a wiki page that documents our current thinking:
https://github.com/CybOXProject/schemas/wiki/CybOX-3.0:-Object-Selection Regards, Ivan From: <
cti@lists.oasis-open.org > on behalf of Sean Barnum <
sbarnum@mitre.org > Date: Friday, January 29, 2016 at 1:44 PM To: Bret Jordan <
bret.jordan@bluecoat.com >, "
cti@lists.oasis-open.org " <
cti@lists.oasis-open.org > Subject: Re: [cti] Next weeks working call I think we already have topics lined up. I’m pretty sure that CybOX wanted some time to talk about Object selection. Ivan said they would need at least 30 mins. STIX is hoping to use the rest of the time to talk about Source reference approach which is in the set of Indicator tranche plan topics for next week. Versioning is not slated until the week of 2/15. sean From: <
cti@lists.oasis-open.org > on behalf of "Jordan, Bret" <
bret.jordan@bluecoat.com > Date: Friday, January 29, 2016 at 2:54 PM To: "
cti@lists.oasis-open.org " <
cti@lists.oasis-open.org > Subject: [cti] Next weeks working call Here are some possible topics for next week's working call: 1) Do we really need the indicator type field. Jason / John Wunder to discuss 2) How to do versioning. Thanks, Bret Bret Jordan CISSP Director of Security Architecture and Standards Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."