[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] STIX timestamps and ISO 8601:2000
On 23.11.2015 20:02:12, Barnum, Sean D. wrote: > > Any changes we propose to the standard MUST be traceable back to a > captured issue. > Fully agree, I'm absolutely in favor of transparency and traceability. > > This is a fundamental property of what formal standards means and is > true for CybOX and TAXII as well. > > We can’t just throw a bunch of stuff together and call it the new > version without explicitly showing what was changed and why with > traceability and transparency of the chain that got us there. > My point is two-fold. One, the timestamp issue cuts across all three standards but we don't currently have an issue tracker for CTI-wide issues. We *could* create an issue for the timestamp issue on all three issue trackers and put a comment on the TAXII/CybOX issues directing everyone to comment on the corresponding STIX tracker. But just look at how often people post 'Unsubscribe' emails to the list and you'll find clear evidence that a lot of folks just can't be bothered to read. So with that model, we'll wind up with *three* different threads to follow and somehow reconcile. If we stick with the Github issue tracker model, then we MUST create a place to capture feedback around questions that cut across multiple standards. Two, we're having trouble reaching consensus. Consider how the last STIX SC call went sideways when it emerged that the STIX co-chairs *thought* there was consensus on the Sightings object when in fact there was not. I'm *not* saying we don't use the issue trackers to ensure traceability. I *am* saying that the issue trackers alone are proving inadequate mechanisms in driving discussions toward clear consensus. We need some other mechanism to drive consensus and I don't think putting the timestamp question to a TC-wide vote is the answer. -- Cheers, Trey -- Trey Darley Senior Security Engineer 4DAA 0A88 34BC 27C9 FD2B A97E D3C6 5C74 0FB7 E430 Soltra | An FS-ISAC & DTCC Company www.soltra.com -- "It is more complicated than you think." --RFC 1925
Attachment:
signature.asc
Description: PGP signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]