I would have to agree. I don't think we're at this point yet. We should be nearing STIX v2.0 release (i.e. already have a draft in place) before we look at interoperability certification. This is way to premature for me.
Cheers
Terry MacDonald | Chief Product Officer
On Thu, May 19, 2016 at 5:26 AM, Jordan, Bret <bret.jordan@bluecoat.com> wrote:
Great catch Allan.... And I agree with you... I mean, long-term, if we are successful and get a lot of vendors using STIX/TAXII/CybOX then we will probably need to do something like the WiFi Alliance. However, I think that is a bit premature right now.IMO what we need is a simple way for vendors to verify that their implementations are working.. There are lots of ways this could be done... One of the many would be to produce a set of canned TLOs that a product has to consume, update the title from"Foo" to "Bar" and then republish. The check is they outputted JSON must match a certain SHA256 hash for example. (Yes JSON makes this a bit harder as there is no strict ordering of fields on output, but you get the idea).For data markings, you could consume a canned TLO and Marking_Definition that has is flagged as say TLP=RED and can your software alert on that, or flag it, or understand that they need to do something unique with it. Or even just flag that there is a Data_Marking on it.I think we can come up with a series of 10-20 simple tests for the initial interoperability testing.Thanks,BretBret Jordan CISSPDirector of Security Architecture and Standards | Office of the CTOBlue Coat SystemsPGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."On May 18, 2016, at 12:55, Allan Thomson <athomson@lookingglasscyber.com> wrote:I would like to bring attention to the broader community on Section 4 of the attached proposal that Pat sent out.Specifically “fees”.Unless I’m mistaken, this is a *significant* issue that needs to be discussed before we move forward with any such proposal.This proposal is effectively going to cost the industry members a significant amount of money for testing by a 3rd party organization that is not even involved in CTI.AllanFrom: Interoperability Subcommittee <cti-interoperability@lists.oasis-open.org> on behalf of Patrick Maroney <Pmaroney@Specere.org>
Date: Wednesday, May 18, 2016 at 11:44 AM
To: Interoperability Subcommittee <cti-interoperability@lists.oasis-open.org>, "cti-committee-chairs@lists.oasis-open.org" <cti-committee-chairs@lists.oasis-open.org>
Subject: [cti-interoperability] CTI TC <> UNH-IOL Partnership Evaluation - Read Ahead DocumentsOverviewWe are exploring the viability of a partnership between UNH-IOL and the OASIS CTI TC to fast-track the development of a suite of Interoperability and conformance tools and processes. Initial investigation reveals solid synergies with the existing UNH-IOL Frameworks (i.e., UNH-IOL IMPACT) and the elements of CTI –TC Specifications. The process underway here is to define the requirements and key elements of a full suite of OASIS CTI TC Standards Interoperability and Compliance Testing Framework and Service (again UNH-IOL IMPACT is a good reference model). We need to help INH-IOL make the business case to establish the market potential for UNH-IOL to recover their investments in delivering such capabilities. UNH-IOL efforts are ultimately funded through membership fees, testing services, and software licensing. To codify the level of interest in the proposed Testing Framework, the CTI TC needs to provide Letters of Intent from stakeholders in the Vendor Community.Road Map(1) We will discuss this proposal as part of the CTI-TC Interoperability Sub-Committee Meeting (May 19, 2016 17:00 UTC)(2) We will schedule a Q&A follow-up call with UNH-IOL for all interested stakeholders.(3) Please review attached files prior to Sub-Committee Meeting (May 19, 2016 17:00 UTC)Attachments/Read-AheadUNH-IOL CTI-TC Interoperability and Conformance Test Program(1) Proposal(2) Letter of Intent TemplatePatrick MaroneyOffice: (856)983-0001Cell: (609)841-5104<image001.png>PresidentIntegrated Networking Technologies, Inc.PO Box 569Marlton, NJ 08053