OASIS Common Security Advisory Framework (CSAF) TC

Dear members,

regarding pull request #1221 "Initial steps to enhance the presentation
of the CSAF model" (https://github.com/oasis-tcs/csaf/pull/1221):

I hereby submit the following motion and request that if seconded and no objection received per this list before one week has passed on 2026-02-02 17:00 UTC to automatically carry.
The Chair usually states the result per mail to this list when the period has passed.

I, Stefan Hagen, move to accept the pull request as stated in
https://github.com/oasis-tcs/csaf/pull/1221 and include it into CSAF 2.1.
This motion is independent of editorial changes.
This motion can be superseded by a passing motion with the same aim during
the TC meeting on 2026-01-28.

Cheers,
Stefan.

I, Thomas Schmidt, second the motion.

Best wishes,

Thomas

------------------------------
Thomas Schmidt
Subject Matter Expert
Federal Office for Information Security (BSI) Germany
------------------------------

Original Message:
Sent: 01-26-2026 11:46
From: Stefan Hagen
Subject: Motion for #1221

Dear members,

regarding pull request #1221 "Initial steps to enhance the presentation
of the CSAF model" (https://github.com/oasis-tcs/csaf/pull/1221):

I hereby submit the following motion and request that if seconded and no objection received per this list before one week has passed on 2026-02-02 17:00 UTC to automatically carry.
The Chair usually states the result per mail to this list when the period has passed.

I, Stefan Hagen, move to accept the pull request as stated in
https://github.com/oasis-tcs/csaf/pull/1221 and include it into CSAF 2.1.
This motion is independent of editorial changes.
This motion can be superseded by a passing motion with the same aim during
the TC meeting on 2026-01-28.

Cheers,
Stefan.

Original Message:
Sent: 1/26/2026 11:47:00 AM
From: Stefan Hagen
Subject: Motion for #1221

Dear members,

regarding pull request #1221 "Initial steps to enhance the presentation
of the CSAF model" (https://github.com/oasis-tcs/csaf/pull/1221):

I hereby submit the following motion and request that if seconded and no objection received per this list before one week has passed on 2026-02-02 17:00 UTC to automatically carry.
The Chair usually states the result per mail to this list when the period has passed.

I, Stefan Hagen, move to accept the pull request as stated in
https://github.com/oasis-tcs/csaf/pull/1221 and include it into CSAF 2.1.
This motion is independent of editorial changes.
This motion can be superseded by a passing motion with the same aim during
the TC meeting on 2026-01-28.

Cheers,
Stefan.

In preparation for today's meeting, both versions have been rendered: 

- Current version: https://github.com/oasis-tcs/csaf/blob/editor-revision-2026-01-28/csaf_2.1/prose/share/csaf-v2.1-draft.md#vulnerabilities-property
- Suggested version: https://github.com/oasis-tcs/csaf/blob/valid-outlines-as-object-overviews/csaf_2.1/prose/share/csaf-v2.1-draft.md#vulnerabilities-property

I hope that helps for the direct comparison towards the picture/toc like view of the suggested change.

Best wishes,
Thomas

------------------------------
Thomas Schmidt
Subject Matter Expert
Federal Office for Information Security (BSI) Germany
------------------------------

Original Message:
Sent: 01-28-2026 02:04
From: Christian Banse
Subject: Motion for #1221

Dear members, 

I object to this motion, see discussion on the GitHub thread. We clearly said that we want to gather more feedback from the technical implementors on this. Currently we only have the stated opinion of Stefan who is strongly "pro" and myself, who is strongly "against" this. Since I was unable to attend the December meeting I do not know what the discussion on this matter has brought up except that it also stated in the issue that there is confusion in adding YAML.

I fail to see this extended written feedback yet, so in my opinion we do not have a strong basis on moving this motion.

Just to be clear, I am not per set against improving the specification aspects, but introducing another modelling language into this is very confusing in my opinion.

BR,

Christian

Original Message:
Sent: 1/26/2026 11:47:00 AM
From: Stefan Hagen
Subject: Motion for #1221

Dear members,

regarding pull request #1221 "Initial steps to enhance the presentation
of the CSAF model" (https://github.com/oasis-tcs/csaf/pull/1221):

I hereby submit the following motion and request that if seconded and no objection received per this list before one week has passed on 2026-02-02 17:00 UTC to automatically carry.
The Chair usually states the result per mail to this list when the period has passed.

I, Stefan Hagen, move to accept the pull request as stated in
https://github.com/oasis-tcs/csaf/pull/1221 and include it into CSAF 2.1.
This motion is independent of editorial changes.
This motion can be superseded by a passing motion with the same aim during
the TC meeting on 2026-01-28.

Cheers,
Stefan.