Original Message:
Sent: 7/18/2024 12:09:00 PM
From: James Bryce Clark
Subject: RE: STIX and TAXII versions for re-submittal to ITU: request for feedback
As noted at today's TC meeting (1st session), we will regard the spec submission edits as complete tonight, failing any objections at the two TC sessions today. We will take any further comments on the draft cover letters through Jul 30, and send out a proposed final copy for final feedback on July 31, on which we will seek out final management signoff (which is not expected to be a lengthy process). Our internal deadline for posting back to ITU-T SG17 in time for its early September plenary meeting is August 15, and their official deadline for receipt is August 20. And we'd like to send earlier if possible. We will plan to bring back to the TC an official CD (or errata) vote, to align the two publication sets, at the end of the SG17 plenary.
Cordially JBC
------------------------------
James Bryce Clark
OASIS
Los Angeles
General Counsel
------------------------------
Original Message:
Sent: 07-15-2024 14:09
From: Duncan Sparrell
Subject: STIX and TAXII versions for re-submittal to ITU: request for feedback
Wrt "We do have some time for the TC to consider this, and for the editors to refine the cover letters":
Two points: "time" and "author"
Time:
IMHO you have less time than this sentence implies. Recall the OASIS Liaison Process is quite time-consuming and we lost 6 months back when we sent our first liaison because this wasn't taken into account and we were two days late. The process "may" occur more quickly but the one time we went thru it before it took the absolute maximum allowable by the policy (https://www.oasis-open.org/policies-guidelines/liaison/liaison-policy-4-0/). I assume the administrivia paperwork required in the policy is already satisfied by the original submission, but that is just my opinion and OASIS Legal would need to concur. And I also assume that since this is an ongoing issue, that hopefully you would not need the max of the '15 days for the President to review' followed by 30 days for member comments (whose clock starts at request time which is after the President agrees and takes days in its own right to post), after which the President has no earlier than 15 days to actually send and no more than 45 days.
I would think everyone would benefit if OASIS Staff put together a timeline - with hopefully less than these maximums for this particular case - so that the liaison could get in sooner.
In my experience, the later it is submitted, the higher the likelihood it will get punted further down the line like they did in that initial meeting. It doesn't matter that the docs are mostly the same, certain delegations will (rightly in the opinion of many) say that two documents totaling over 500 pages requires time to review to make sure those are the only changes. And do note that since this is the last meeting of a 4-year period, punting will create significant delays.
I strongly recommend you move expeditiously on this.
Author:
The wording of the sentence implies the document is coming from the editor. I assume the ITU (the Russian and Iranian delegations in particular - since they are who forced this issue and have proven very adept at exploiting every loophole) are looking for input from OASIS not from the editors. So the liaison will come from the TC via OASIS (since isn't that what OASIS Policy says has to happen unless the OASIS Board agrees to any deviations?).
------------------------------
Duncan Sparrell
Chief Cyber Curmudgeon
sFractal Consulting LLC
Oakton VA
703-828-8646
Original Message:
Sent: 06-20-2024 07:51
From: James Bryce Clark
Subject: STIX and TAXII versions for re-submittal to ITU: request for feedback
Dear Members of the CTI TC:
As you know, at your request OASIS offered STIX v2.1 and TAXII v2.1 to ITU-T's Study Group 17, for their adoption as ITU Recommendations. The study group reviewed these documents at their Spring plenary in February 2024, with several of this TC's members also participating. We received a number of comments from ITU delegates, asking both for fixes of some minor changes and typos, as well as a few larger conceptual or definitional changes.
Our attendees at the meeting concluded, in consultation with other advocates of the work, that the best approach would be to (1) make the reasonably requested minor changes, including superfluous references to attacker motives, but (2) politely decline any changes to the functionality or key defined terms, and to (3) bring the document back to the Study Group at its next meeting this September.
Accordingly, there are four documents here, attached or linked as uploaded, for your consideration and feedback.
- The STIX v2.1 specification, formatted for ITU, with the proposed acceptable changes incorporated in the STIX text, marked by the editors to show changes. That 435 page document includes an embedded cover letter to ITU at the front. It can be downloaded from your TC tools here: https://groups.oasis-open.org/higherlogic/ws/groups/c6c33da0-d1ee-42dd-9427-018dc7d32277/download/71747
- The short cover letter for STIX, which has been lightly edited to update it, and is ATTACHED here, as "T22-SG17-240220-TD-PLEN-1823!R1!MSW-E [stix cover only].docx". The cover letter describes the proposed changes, and likely is the best place to start reading.
- The TAXII v2.1 specification, formatted for ITU, with the proposed acceptable changes incorporated in the STIX text, marked by the editors to show changes. That document also includes an earlier version of the embedded cover letter. It can be downloaded from your TC tools here: https://groups.oasis-open.org/higherlogic/ws/groups/c6c33da0-d1ee-42dd-9427-018dc7d32277/download/71748
- The short cover letter for TAXII, also lightly edited to update it, and ATTACHED here, as "T22-SG17-240220-TD-PLEN-1824!!MSW-E [taxii cover only].docx". Again, the cover letter briefly describes the changes, and is a good short overview.
We do have some time for the TC to consider this, and for the editors to refine the cover letters. But the summer will pass quickly. So we would like to bring these drafts to you now, for your attention, and an opportunity to express an opinion on the editors' proposed responses, and how the proposed cover letters describe them.
This is our request for your feedback on that work package managed by co-editors Duncan Sparrell and Mike Rosa, among other contributors, last spring. Duncan is retiring from that role; Mike has agreed to stay on as an editor on the ITU side, and we may seek one more. (The TC also may wish to consider appointing a liaison from the TC to SG17.)
We and your editors will need to know if you, as the TC who owns this work, are generally in favor of the approach described in these documents, before we send it back officially. If on the other hand, you think that any of these proposed changes are inadvisable, it would be helpful to hear about that very soon, so we can address and coordinate any changes.
The editors likely will make additional improvements to the cover letter texts, taking your comments into account, and will share those back with the TC before they're finalized and sent. We will ask you in September to conduct an official vote to approve the revised documents, with all corrections, as a new CS, or the equivalent, so that we have finality on the versions of the specs, for license clarity. For now, we're asking in the short term for feedback rather than a vote.
OASIS wishes to express our strong appreciation to both Duncan and Mike, and the other delegates who attended in Geneva and assisted in framing this project correctly.
Thanks for your attention, and all your work on these essential and very successful standards.
Cordially JBC
James Bryce Clark
General Counsel & CPO
OASIS Open