Dear members,
On Sun, May 12, 2024, at 17:52, Duncan Sparrell via OASIS wrote:
> PS if you aren't familiar with JADN or information modeling, you may want to read docs.oasis-open.org/openc2/imjadn/v1.0/imjadn-v1.0.html which is a Committee Note on using JADN.
> [...]
>> Hi all,
>>
>> Apologies that I haven't been following this that closely and double apologies if you have already considered this.
>>
>> Would you consider using JADN to specify your schema? JADN is the OASIS Specification for JSON Abstract Data Notation (https://www.oasis-open.org/standard/specification-for-json-abstract-data-notation-jadn-version-1-0-committee-specification-01/).
>>
>> I believe there are some advantages to defining EoX at the information model level and then automagically deriving the data models from the information model rather than the other way round.
>>
>> Duncan [...]
I have considered JADN already, but do not see real advantages for the actionable specification of EOX
in the contexts of time-to-market, automation, and clarity and at this point in time.
But, I see risk, adding another layer using another formalism based on
Committee Specification level since 2021.
(I know that this may well be a good final evolution level for spreading an
IPR guarded good idea - not always a need for an OASIS Standard).
My assumption is that the market will use JSON anyways or trivial mappings to
YAML or XML.
Thoughts in random order:
After the initial TC meetings and by my personal experiences with "tools a supplier
likes to stop supporting", I am sure we have thousands of information models
already floating around.
I see as our magic trick we want to perform (successfully) that
a simple and specific definition is agreed by the diverse membership and
accepted later by the public and everyone agrees to the prose
we write around it.
Most standards in managing actionable security information tend to
have abandoned XML in favor of JSON. I only know of DSS v2 which
is still at CS level, that took the effort to describe the information
model as well as data models for XML and JSON ... there will be others,
but a) JSON is dominant, and b) most transforms between simple
data models in one "format" to another are trivial.
Given that we plan to only add mappings to a few terms there should
be no extra effort in formulating the information model as part of the
specification prose based on JSON Schema.
We will get fast feedback from the members based on validatable
examples that - as the discussions already showed - the members
can relate to and that invoke use and abuse cases from the field.
The CSAF and the SARIF TCs did that to my knowledge already nicely
(defining the conceptual models in an actionable way as prose)
explaining the use of the data model that the market asks for and uses.
Cheers,
Stefan.
Original Message:
Sent: 5/12/2024 11:52:00 AM
From: Duncan Sparrell
Subject: RE: Motion to merge pull request #10
PS if you aren't familiar with JADN or information modeling, you may want to read https://docs.oasis-open.org/openc2/imjadn/v1.0/imjadn-v1.0.html which is a Committee Note on using JADN.
------------------------------
Duncan Sparrell
Chief Cyber Curmudgeion
sFractal Consulting LLC
Oakton VA
703-828-8646
------------------------------
Original Message:
Sent: 05-12-2024 11:49
From: Duncan Sparrell
Subject: Motion to merge pull request #10
Hi all,
Apologies that I haven't been following this that closely and double apologies if you have already considered this.
Would you consider using JADN to specify your schema? JADN is the OASIS Specification for JSON Abstract Data Notation (https://www.oasis-open.org/standard/specification-for-json-abstract-data-notation-jadn-version-1-0-committee-specification-01/).
I believe there are some advantages to defining EoX at the information model level and then automagically deriving the data models from the information model rather than the other way round.
Duncan
------------------------------
Duncan Sparrell
Chief Cyber Curmudgeion
sFractal Consulting LLC
Oakton VA
703-828-8646
Original Message:
Sent: 05-12-2024 03:13
From: Stefan Hagen
Subject: Motion to merge pull request #10
Dear members,
On Sun, May 12, 2024, at 06:14, Omar Santos via OASIS wrote:
> [...] Dear OpenEoX TC members,
>
> I hereby submit the following motion and request that if seconded and no objection received per this list before one week has passed on 2024-05-18 23:00 UTC to automatically carry. We will state the result via an email to this list when the period has passed.
>
> I, Omar Santos, move to approve the pull request #10 ( https://github.com/oasis-tcs/openeox/pull/10 ) which contains our initial core schema draft. By merging this pull request, we will facilitate the schema review during our monthly calls and working meetings. [...]
>
> Best regards,
>
> Omar Santos [...]
I second this motion and would like to amend this motion to take care to discuss and
seek consensus on my comments on that schema draft at:
- <https://github.com/oasis-tcs/openeox/pull/10#issuecomment-2046164162> and
- <https://github.com/oasis-tcs/openeox/pull/10#discussion_r1562439747>
Cheers,
Stefan.
Original Message:
Sent: 5/12/2024 12:15:00 AM
From: Omar Santos
Subject: Motion to merge pull request #10
Dear OpenEoX TC members,
I hereby submit the following motion and request that if seconded and no objection received per this list before one week has passed on 2024-05-18 23:00 UTC to automatically carry. We will state the result via an email to this list when the period has passed.
I, Omar Santos, move to approve the pull request #10 ( https://github.com/oasis-tcs/openeox/pull/10 ) which contains our initial core schema draft. By merging this pull request, we will facilitate the schema review during our monthly calls and working meetings.
------------------------------
Best regards,
Omar Santos
------------------------------