Oops. Forgot attachment -- Duncan Sparrell sFractal Consulting LLC iPhone, iTypo, iApologize I welcome VSRE emails. Learn more at
http://vsre.info / From:
cti@lists.oasis-open.org <
cti@lists.oasis-open.org> on behalf of duncan sfractal.com <
duncan@sfractal.com> Date: Thursday, May 19, 2022 at 10:46 AM To:
cti@lists.oasis-open.org <
cti@lists.oasis-open.org> Subject: [cti] STIX/TAXII/ITU draft letter to discuss at today's meeting According to the process Chet outlined, we will need to (1) agree that we would like to have STIX and TAXII made into ITU standards (2) draft a letter to be sent by OASIS to it’s membership along the line of the text below. I drafted this to help with the discussion. -- Duncan Sparrell sFractal Consulting LLC iPhone, iTypo, iApologize I welcome VSRE emails. Learn more at
http://vsre.info/ Dear OASIS members, The members of the OASIS Cyber Threat Intelligence (CTI) Technical Committee (TC) [1] have requested that OASIS submit the following OASIS Standards: STIX Version 2.1 OASIS Standard 10 June 2021 TAXII Version 2.1 OASIS Standard 10 June 2021 to ITU-T Study Group 17 [2] for approval as an ITU-T Recommendation under the attached Terms of Submission. OASIS has the appropriate liaison relationship with ITU-T SG-17 to make this submission. The OASIS Liaison Policy [3] requires that management approve or reject the Request as meeting the policy's requirements; if it is accepted, the policy requires that the Request be posted for member review for 30 days, for comment on the proposed terms, before transmitting it to ITU-T. As the request has met the requirements, I now announce the member review. Structured Threat Information _expression_ (STIX) Version 2.1 was approved as an OASIS Standard in June 2021 and is available here:
https://www.oasis-open.org/standard/stix-version-2-1/ Trusted Automated Exchange of Intelligence Information (TAXII) Version 2.1 was approved as an OASIS Standard in June 2021 and is available here:
https://docs.oasis-open.org/xacml/xacml-json-http/v1.1/os/xacml-json-http-v1.1-os.html The request meets each of the applicable criteria of the Liaison Policy, and is attached to this message. Member Review Period: The member public review starts {date} at 00:00 GMT and ends {date} at 23:59 GMT. This is an open invitation to OASIS members to comment on the proposed terms of submission, described in the Request. Comments may be submitted by any OASIS member to the TC by directing them to the
oasis-member-discuss@lists.oasis-open.org mailing list. Members should not need to subscribe to the list; as each member should be able to use it automatically. If you have a problem posting to it, let us know. Please direct any other questions to
tc-administration@lists.oasis-open.org. Comments submitted to that list are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/oasis-member-discuss/ ========== Additional references: [1] Cyber Threat Intelligence Technical Committee:
https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=cti [2] ITU-T SG-17:
https://www.itu.int/en/ITU-T/studygroups/2022-2024/17/Pages/default.aspx [3] OASIS Liaison Policy:
https://www.oasis-open.org/policies-guidelines/liaison#submitwork -- Attachment: Request_to_advance_STIX2_1.docx Description: Request_to_advance_STIX2_1.docx