OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Secu

 View Only
  • 1.  Agenda for upcoming meetings

    Posted 03-27-2024 13:24

    For our next call we will be discussing the changes that are being proposed by Luca.

    Here are some ideas for future meetings, please comment and suggest additional ideas. 

    Product and solution demos (Luca, Rooster, Cydarm, etc)
    Demo of Rooster from Vas and Mateusz
    Figure out solution to publish schemas and extensions (iana like register)
    When do we want to move forward with an OASIS Standards?
    We need to start getting statements of use
    Do we still want to move forward with sending the doc to the ITU?
    Fold the layout extension back into the main document for a future 2.1 release 


  • 2.  RE: Agenda for upcoming meetings

    Posted 03-27-2024 13:30
    Bret - I think one item that we might want to discuss on the list or in a meeting is the criteria for an extension's inclusion in the standard. 

    Extensions are not subordinate to the standard and play an important role in determining use of features in a way that doesn't impact the core standard as much.

    I believe that extensions should be in common use across organizations or use cases (as appropriate) before we consider them for inclusion in the standard. The rationale being that an extension by definition extends the standard for a specific use case that is not yet core to implementing the rest of the standard. This clearly is a balance as several of the features in the core standard could be argued to be in a similar state.

    If an extension is in common use and many use cases or organizations feel that it should be part of the core standard then I support its inclusion. Otherwise, I think it's best to leave it as an extension.

    Its worth a debate on the extension to core standard inclusion policy or philosophy the TC wants to adopt and it might be worth writing it down so that we can apply it consistently and fairly to all extensions.


    On Mar 27, 2024, at 10:23 AM, Bret Jordan via OASIS <Mail@mail.oasis-open.org> wrote:

  • 3.  RE: Agenda for upcoming meetings

    Posted 03-27-2024 13:41

    Agreed. We should have some documented operating procedures for extensions. This is one of the items I was thinking of when I mentioned we need to figure out the github repo and what not for extensions. Thanks for adding some context and color there.