Hi Richard, > You are correct what is at risk with respect to Course of Action is the STIX 2.1 changes to the object. If, > due to lack of sponsorship, we are required to remove the 2.1 additions/changes to Course of Action, the > specification will revert to the Course of Action as specified in STIX 2.0. > Does that answer your question? Yes, this solves my doubts. Thanks for the quick feedback. Best regards Marco Siemens AG Corporate Technology Research in Digitalization and Automation Corporate CERT Services CT RDA ITS CER-DE Otto-Hahn-Ring 6 81739 Muenchen, Germany mailto:
marco.caselli@siemens.com www.siemens.com/ingenuityforlife Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Jim Hagemann Snabe; Managing Board: Joe Kaeser, Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel, Cedrik Neike, Michael Sen, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322 From: Struse, Richard J. <
rjs@mitre.org> Sent: Friday, January 17, 2020 1:40 PM To: Caselli, Marco (CT RDA CST SEL-DE) <
marco.caselli@siemens.com>;
cti@lists.oasis-open.org Subject: Re: [EXT] [cti] Request for clarification on the effects of missing sponsorships Marco You are correct what is at risk with respect to Course of Action is the STIX 2.1 changes to the object. If, due to lack of sponsorship, we are required to remove the 2.1 additions/changes to Course of Action, the specification will revert to the Course of Action as specified in STIX 2.0. Does that answer your question? Rich From: <
cti@lists.oasis-open.org > on behalf of "Caselli, Marco" <
marco.caselli@siemens.com > Date: Friday, January 17, 2020 at 7:33 AM To: "
cti@lists.oasis-open.org " <
cti@lists.oasis-open.org > Subject: [EXT] [cti] Request for clarification on the effects of missing sponsorships Dear all, I am writing this email to ask for some clarifications about the effects of a missing sponsorship for some STIX 2.1 objects. From our last call, I understood that Infrastructure and Course of Action are at risk of being removed from the standard. In this regard, I was wondering about the fact that, while infrastructure is a new object, Course of Action was already introduced in STIX 2.0. If I do not see any technical issue in removing Infrastructure (besides the effort of going through the whole standard and ensuring integrity), would not the removal of Course of Action impact backward compatibility? As an alternative, could the missing sponsorship mean going back to the STIX 2.0 representation of Course of Action ? Best regards Marco Siemens AG Corporate Technology Research in Digitalization and Automation Corporate CERT Services CT RDA ITS CER-DE Otto-Hahn-Ring 6 81739 Muenchen, Germany mailto:
marco.caselli@siemens.com www.siemens.com/ingenuityforlife Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Jim Hagemann Snabe; Managing Board: Joe Kaeser, Chairman, President and Chief Executive Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel, Cedrik Neike, Michael Sen, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322 Attachment: smime.p7s Description: S/MIME cryptographic signature