[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Comments on CAP-v1.2
Hello All, First off, a little about myself... I'm a Certified Information Systems Security Professional as certified by the organization found at http://www.isc2.org/. I currently work for a company that provides security operation services although my participation and any comments I might make on this list are more of a personal nature and not to be taken as being endorsed by the company I work for. In the past, I was the Chair, editor and reference software implementor of MPEG-4' IPMP specification, (Intellectual Property Management and Protection) and currently am active in ITU-T's Study Group 17 Question 4 which focusses on Cybersecurity issues. More recently in ITU-T SG17 Q4 we have been working on what is being called "Cybex", CYBersecurity information EXchange, which I believe CAP will eventually be proposed to. In part, the Cybex work is based on requirements which I helped develop over the past couple of years with other members of ITU-T. Beyond all that, I've been designing and implementing extensible and secure application and communication interfaces for about the past 11 to 12 years. Throughout all of it, my focus has been on extensible and interoperable security, which I hope can be found to be useful to the development and specification of CAP. A general comment about my impressions of the current document is that it does what it is expected to do fairly well but, it can be made better. As one can probably imagine from my preamble, the main area of my comments are in the area of extensibility and security. I look forward to future discussions on this list and any comments, questions or suggestions anyone might have about the comments I have added to the attached Word document. Warm regards, Craig Schultz
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]