[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Comments on CAP-v1.2
Hello All,
First off, a little about myself...
I'm a Certified Information Systems Security Professional as certified
by the organization found at http://www.isc2.org/.
I currently work for a company that provides security operation services
although my participation and any comments I might make on this list are
more of a personal nature and not to be taken as being endorsed by the
company I work for.
In the past, I was the Chair, editor and reference software implementor
of MPEG-4' IPMP specification, (Intellectual Property Management and
Protection) and currently am active in ITU-T's Study Group 17 Question 4
which focusses on Cybersecurity issues.
More recently in ITU-T SG17 Q4 we have been working on what is being
called "Cybex", CYBersecurity information EXchange, which I believe CAP will
eventually be proposed to. In part, the Cybex work is based on requirements
which I helped develop over the past couple of years with other members of
ITU-T.
Beyond all that, I've been designing and implementing extensible and
secure application and communication interfaces for about the past 11 to 12
years.
Throughout all of it, my focus has been on extensible and interoperable
security, which I hope can be found to be useful to the development and
specification of CAP.
A general comment about my impressions of the current document is that
it does what it is expected to do fairly well but, it can be made better.
As one can probably imagine from my preamble, the main area of my comments
are in the area of extensibility and security.
I look forward to future discussions on this list and any comments,
questions or suggestions anyone might have about the comments I have added
to the attached Word document.
Warm regards,
Craig Schultz
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]