OASIS Cyber Threat Intelligence (CTI) TC

  • 1.  Open Public Review for STIX 2.0

    Posted 02-08-2017 14:08




    All,

    As we’ve discussed a few times before, now that we have a STIX 2.0 CSD (Committee Specification Draft) we need to decide how far along the OASIS process to take the specification. The next step for work product formalization would be a Committee Specification.
     
    As a reminder:
     
    A Committee Specification Draft:
    ·  Is approved by the TC by a full majority ballot. We have this now; the current state of the specs was approved as STIX 2.0 CSD01.
    ·  Does not confer IPR protections as an “OASIS Standards Final Deliverable”

    A Committee Specification:
    ·  Can only be approved after at least one public review period.
    ·  Is fully approved once a review period passes with no material changes required, and that draft is voted on by a special majority (2/3) vote of the TC.
    ·  Confers IPR protections as an “OASIS Standards Final Deliverable”

    Given all the ballots and review periods that are required, it’ll likely be 2-3 months before we can get to this stage.
     
    At a practical level, though, the logical next step for us regardless of CS vs. CSD is to open a public review period. This is an important step in the process to getting to a CS, but more importantly, it allows us to get feedback from those outside the TC sooner rather than later. That feedback may identify things that are broken in STIX 2.0, things that could be improved, or things that we could consider adding…so the sooner we get it done, the better. Even if we feel it’s not important to push towards a CS right now, it’s still important to open that public review for STIX 2.0 so we can get that feedback.

    Some people have suggested that because we have a couple stub objects in the spec and don’t cover all of what was in STIX 1.x we may get some pushback on whether we’re “done” in the public review. Aside from just taking that as it comes (it’s good feedback!) Trey has suggested that we create an FAQ to answer common questions about why we scoped things the way we did (MVP release, etc.) and talking about our roadmap to add those objects. That should hopefully head off some of those concerns.
     
    Are there any objections to opening a public review period on STIX 2.0? If not, we’ll go ahead to make the motion to do so Thursday morning EST.
     
    Thanks,
    John
     






  • 2.  Re: [cti] Open Public Review for STIX 2.0

    Posted 02-09-2017 08:02

    Sounds good to me. As you say it's important to gather feedback from the general public as quickly as possible. If it also helps us along the path to CSD then that can only be a good thing.

    Cheers

    Terry MacDonald
    Cosive

    On 9 Feb. 2017 3:07 am, "Wunder, John A." <jwunder@mitre.org> wrote:

    > All,
    >
    > As we’ve discussed a few times before, now that we have a STIX 2.0 CSD (Committee Specification Draft) we need to decide how far along the OASIS process to take the specification. The next step for work product formalization would be a Committee Specification.
    >
    > As a reminder:
    >
    > A Committee Specification Draft:
    > ·  Is approved by the TC by a full majority ballot. We have this now; the current state of the specs was approved as STIX 2.0 CSD01.
    > ·  Does not confer IPR protections as an “OASIS Standards Final Deliverable”
    >
    > A Committee Specification:
    > ·  Can only be approved after at least one public review period.
    > ·  Is fully approved once a review period passes with no material changes required, and that draft is voted on by a special majority (2/3) vote of the TC.
    > ·  Confers IPR protections as an “OASIS Standards Final Deliverable”
    >
    > Given all the ballots and review periods that are required, it’ll likely be 2-3 months before we can get to this stage.
    >
    > At a practical level, though, the logical next step for us regardless of CS vs. CSD is to open a public review period. This is an important step in the process to getting to a CS, but more importantly, it allows us to get feedback from those outside the TC sooner rather than later. That feedback may identify things that are broken in STIX 2.0, things that could be improved, or things that we could consider adding…so the sooner we get it done, the better. Even if we feel it’s not important to push towards a CS right now, it’s still important to open that public review for STIX 2.0 so we can get that feedback.
    >
    > Some people have suggested that because we have a couple stub objects in the spec and don’t cover all of what was in STIX 1.x we may get some pushback on whether we’re “done” in the public review. Aside from just taking that as it comes (it’s good feedback!) Trey has suggested that we create an FAQ to answer common questions about why we scoped things the way we did (MVP release, etc.) and talking about our roadmap to add those objects. That should hopefully head off some of those concerns.
    >
    > Are there any objections to opening a public review period on STIX 2.0? If not, we’ll go ahead to make the motion to do so Thursday morning EST.
    >
    > Thanks,
    > John


  • 3.  Re: Open Public Review for STIX 2.0

    Posted 02-09-2017 13:10




    All,
     
    Hearing no objections and in order to get the ball rolling, I move that the CTI TC approve STIX 2.0 WD01, revision 2 and all associated artifacts packaged together in https://www.oasis-open.org/apps/org/workgroup/cti/download.php/59986 as a Committee Specification Draft, and designate the Word version of the specification as authoritative. I further move that the CTI TC approve submitting the resulting CSD for 30 days of public review.

    For awareness, here are the changes since the last ballot:

    -  Corrected some examples in Part 4
    -  Updated the created timestamp for the TLP entries in Part 1 to correspond to the release date of the document
    -  Clarified text in document colors/styles about the formatting of examples across all parts
    -  Clarified text about the use of common properties in custom objects in Part 1
     
    John
     

    From: John Wunder <jwunder@mitre.org>
    Date: Wednesday, February 8, 2017 at 9:07 AM
    To: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>
    Subject: Open Public Review for STIX 2.0


     

    All,

    As we’ve discussed a few times before, now that we have a STIX 2.0 CSD (Committee Specification Draft) we need to decide how far along the OASIS process to take the specification. The next step for work product formalization would be a Committee Specification.
     
    As a reminder:
     
    A Committee Specification Draft:
    ·  Is approved by the TC by a full majority ballot. We have this now; the current state of the specs was approved as STIX 2.0 CSD01.
    ·  Does not confer IPR protections as an “OASIS Standards Final Deliverable”

    A Committee Specification:
    ·  Can only be approved after at least one public review period.
    ·  Is fully approved once a review period passes with no material changes required, and that draft is voted on by a special majority (2/3) vote of the TC.
    ·  Confers IPR protections as an “OASIS Standards Final Deliverable”

    Given all the ballots and review periods that are required, it’ll likely be 2-3 months before we can get to this stage.
     
    At a practical level, though, the logical next step for us regardless of CS vs. CSD is to open a public review period. This is an important step in the process to getting to a CS, but more importantly, it allows us to get feedback from those outside the TC sooner rather than later. That feedback may identify things that are broken in STIX 2.0, things that could be improved, or things that we could consider adding…so the sooner we get it done, the better. Even if we feel it’s not important to push towards a CS right now, it’s still important to open that public review for STIX 2.0 so we can get that feedback.

    Some people have suggested that because we have a couple stub objects in the spec and don’t cover all of what was in STIX 1.x we may get some pushback on whether we’re “done” in the public review. Aside from just taking that as it comes (it’s good feedback!) Trey has suggested that we create an FAQ to answer common questions about why we scoped things the way we did (MVP release, etc.) and talking about our roadmap to add those objects. That should hopefully head off some of those concerns.
     
    Are there any objections to opening a public review period on STIX 2.0? If not, we’ll go ahead to make the motion to do so Thursday morning EST.
     
    Thanks,
    John
     






  • 4.  Re: [cti] Re: Open Public Review for STIX 2.0

    Posted 02-09-2017 13:30

    On 09.02.2017 13:09:48, Wunder, John A. wrote:
    > All,
    >
    > Hearing no objections and in order to get the ball rolling, I move
    > that the CTI TC approve STIX 2.0 WD01, revision 2 and all associated
    > artifacts packaged together in
    > https://www.oasis-open.org/apps/org/workgroup/cti/download.php/59986
    > as a Committee Specification Draft, and designate the Word version
    > of the specification as authoritative. I further move that the CTI
    > TC approve submitting the resulting CSD for 30 days of public
    > review.
    >

    Motion seconded. Thanks, John!

    --
    Cheers,
    Trey
    ++--------------------------------------------------------------------------++
    Kingfisher Operations, sprl
    gpg fingerprint: 85F3 5F54 4A2A B4CD 33C4 5B9B B30D DD6E 62C8 6C1D
    ++--------------------------------------------------------------------------++
    --
    "Conservative, n.: One who admires radicals centuries after they're dead."
    --Leo Rosten