Submitter's message Attached are forwarded from US State Department (on behalf of US Administration) the current draft STIX and TAXII ITU tecommendations. Normally OASIS does not publish draft ITU docs on a public list but State has authority to ask us publicly about the docs. Jamie - correct me if I'm wrong and pull the email.
They are translated into 6 languages as well. They differ in no material way from OASIS Standards. The changes are:
format and organization since ITU has different formatting and organization
Replacement of some normative references with ITU approved references
Clarifications
Removal of pejorative examples
The last was a major sticking point with Russia, Iran, and China. All 3 also objected to even the concept of threat actor. Removing the examples accusing specific countries (which was not an unreasonable request and something we should avoid doing anyway) and some persausive arguing, switched China to supporting STIX but Russia and Iran still opposed due to concept of threat actor (at least that was their public reason).
The USG proposed to delay resolving until next meeting (I'll let them explain the logic as I was not in agreement - but I'm not very diplomatic) and toask for OASIS input.
So CTI is asked to send liaisons to ITU
Duncan
iPhone, iTypo, iApologize
From: Najarian, Paul B
Sent: Tuesday, March 12, 2024 3:05 PM
To: duncan sfractal.com
Cc: Mike Rosa ; Carroll, Sean ; Marlon Taylor ; Bret Jordan ; Jamie Clark
Subject: RE: USG owes OASIS/CTI docs wrt STIX
The documents are attached. For the next meeting (with meeting dates TBD), we would need to make an Input Contribution (on each).. indicating that they are based on the TDs… and where exactly the changes have been made to address all the concerns.
I will be more than happy in assisting to draft the cover of such Contribution.
On Monday, (March 11), Russia pulled the same crap on TAP documents from SG2… In one case, the Rapporteur went ballistic because the document (in the R series) had been stable over several months.. and NO issues were ever raised.. but Dmitry decided to oppose it.
There were 4 TAP documents – one of them was from China based on a Chinese standard – and that’s the ONLY one that he did not oppose. The others were from Sweden, Italy, France, etc.. they were all opposed.
Paul
-- Mr. Duncan Sparrell
Document Name: ITU TAXII
Description Attached are forwarded from US State Department (on behalf of US
Administration) the current draft STIX and TAXII ITU tecommendations.
Normally OASIS does not publish draft ITU docs on a public list but State
has authority to ask us publicly about the docs. Jamie - correct me if I'm
wrong and pull the email.
They are translated into 6 languages as well. They differ in no material
way from OASIS Standards. The changes are:
format and organization since ITU has different formatting and
organization
Replacement of some normative references with ITU approved references
Clarifications
Removal of pejorative examples
The last was a major sticking point with Russia, Iran, and China. All 3
also objected to even the concept of threat actor. Removing the examples
accusing specific countries (which was not an unreasonable request and
something we should avoid doing anyway) and some persausive arguing,
switched China to supporting STIX but Russia and Iran still opposed due to
concept of threat actor (at least that was their public reason).
The USG proposed to delay resolving until next meeting (I'll let them
explain the logic as I was not in agreement - but I'm not very diplomatic)
and toask for OASIS input.
So CTI is asked to send liaisons to ITU
Duncan
iPhone, iTypo, iApologize
From: Najarian, Paul B
Sent: Tuesday, March 12, 2024 3:05 PM
To: duncan sfractal.com
Cc: Mike Rosa ; Carroll, Sean ; Marlon Taylor ; Bret Jordan ; Jamie Clark
Subject: RE: USG owes OASIS/CTI docs wrt STIX
The documents are attached. For the next meeting (with meeting dates TBD),
we would need to make an Input Contribution (on each).. indicating that
they are based on the TDs… and where exactly the changes have been made
to address all the concerns.
I will be more than happy in assisting to draft the cover of such
Contribution.
On Monday, (March 11), Russia pulled the same crap on TAP documents from
SG2… In one case, the Rapporteur went ballistic because the document (in
the R series) had been stable over several months.. and NO issues were ever
raised.. but Dmitry decided to oppose it.
There were 4 TAP documents – one of them was from China based on a
Chinese standard – and that’s the ONLY one that he did not oppose. The
others were from Sweden, Italy, France, etc.. they were all opposed.
Paul Download Latest Revision Public Download Link
Submitter: Mr. Duncan Sparrell Group: OASIS Cyber Threat Intelligence (CTI) TC Folder: Contributions Date submitted: 2024-03-15 16:22:51
|
---------------------------------
Duncan Sparrell
Chief Cyber Curmudgeon
sFractal Consulting LLC
Oakton VA
703-828-8646
---------------------------------