OASIS OpenEoX TC

 View Only
  • 1.  Review Taxonomy/Definitions in Open GitHub Issues and Pull Request

    Posted 03-20-2024 16:54

    Dear TC Members,

    As discussed and recommended by TC members in today's OASIS OpenEoX TC monthly meeting, we kindly request your thorough review of the GitHub issues and the pull request detailed below. Your insights, feedback, and any proposed modifications are highly valuable and will allow us to move forward to incorporating further modifications to the proposed schema and specification. Please ensure to submit all your contributions by the end of the day (PDT) on Wednesday, April 10, 2024. 

    Define Common Taxonomy · Issue #11 · oasis-tcs/openeox
    GitHub remove preview
    Define Common Taxonomy · Issue #11 · oasis-tcs/openeox
    Split off from #7 create unambiguous definitions for the different states a product can be in such as "End Of Life", "End Of Development", ...
    View this on GitHub >

    Create definitions.md by santosomar · Pull Request #13 · oasis-tcs/openeox

    GitHub remove preview
    Create definitions.md by santosomar · Pull Request #13 · oasis-tcs/openeox
    This document draft aims to clearly define key terms related to the lifecycle of software and hardware products, providing a reference for understanding various phases from sales or creation to support termination. This is just a starting point and the TC will provide additional edits, inputs, etc. Fixes #11
    View this on GitHub >

    lifecycle schema proposal · Issue #15 · oasis-tcs/openeox

    GitHub remove preview
    lifecycle schema proposal · Issue #15 · oasis-tcs/openeox
    Below is a lifecycle schema proposal. It's very flexible and the general conception is similar to the CSAF schema, where items defined in the product tree are mapped to the list if lifecycle phases. The main purpose of this is to allow v...
    View this on GitHub >

    One Use Case w/ portable schema · Issue #14 · oasis-tcs/openeox

    GitHub remove preview
    One Use Case w/ portable schema · Issue #14 · oasis-tcs/openeox
    Companies including our own may speak in terms of End of Sale, End of Standard Support, End of Security Support/Life, End of Life, End of Service Life. These terms might not match the use case of other vendors. Because of this, a flexibl...
    View this on GitHub >

     

    Best regards,

    Omar



    ------------------------------
    Omar Santos
    Distinguished Engineer, AI Security Research
    Cisco Systems
    Raleigh NC
    919 412-8568
    ------------------------------


  • 2.  RE: Review Taxonomy/Definitions in Open GitHub Issues and Pull Request

    Posted 14 days ago

    Dear TC members,

    @Omar: thank you for the draft.

    I commented on the Pull Request to provide some insights from my perspective. Please do the same. So this is a call to action for all members to review the PR and comment on it.

    Best wishes,

    Thomas



    ------------------------------
    Thomas Schmidt
    Federal Office for Information Security (BSI) Germany
    ------------------------------