[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cacao] Use of Other Standards
Arnaud proposes âwe are going to have to spend quite some time on the gap analysisâ in response to my comment that we should make use of other standards where possible. I disagree. I think we should use them when we know of them and if someone in the TC brings it to the attention of the group. I wouldnât object to people doing gap analysis but I do not think itâs a necessary prerequisite and I do not think we should slow down to do such a gap analysis. But if there are existing standards, particularly from OASIS, then I think we should at least allow for their use.
Wrt âsomeone in the TC brings it to the attention of the groupâ, I would particularly like to bring up OpenC2 (https://www.oasis-open.org/apps/org/workgroup/openc2/) for the command and control of security technology (eg machine-to-machine atomic actions). The OpenC2 TC recently approved 3 Committee Specifications for the OpenC2 language, one particular actuator, and one particular transport mechanism. Clearly more actuators and more transport specs are needed (and are in preparation) but itâs also likely the language isnât perfect and will need to add something for CACAO use cases. As TC cochair of the OpenC2 TC, I can commit to working with the CACAO TC to fill in any gaps in the OpenC2 Specification so that hopefully OpenC2 can meet the âatomic actionâ needs of CACAO. I am not saying OpenC2 has to be the exclusive C2 mechanism (albeit I wouldnât object to it either) â just that it be one of the mechanisms.
Duncan Sparrell
sFractal Consulting LLC
iPhone, iTypo, iApologize
I welcome VSRE emails. Learn more at http://vsre.info/
From:
Arnaud Taddei <Arnaud_Taddei@symantec.com>
Date: Tuesday, September 17, 2019 at 12:56 PM
To: "duncan@sfractal.com" <duncan@sfractal.com>, "cacao@lists.oasis-open.org"
<cacao@lists.oasis-open.org>
Subject: Re: [EXT] [cacao] Missing requirements
Thank you Duncan and sorry I was late  hour and I couldnât attend the call 2 weeks ago (am WP3 chairman at ITU-T SG17 and it was WP closing plenary!)
I think we are going to have to spend quite some time on the gap analysis on point 3 from Duncan below before we can even give feedback. But that will produce a lot of value in itself
De
: <cacao@lists.oasis-open.org> au nom de "duncan sfractal.com"
<duncan@sfractal.com>
Date : mardi, 17 septembre 2019 Ã 18:09
à : "cacao@lists.oasis-open.org" <cacao@lists.oasis-open.org>
Objet : [EXT] [cacao] Missing requirements
This is to document my comments at the meeting. I see 4 requirements missing from the slides that got talked about:
Duncan Sparrell
sFractal Consulting LLC
iPhone, iTypo, iApologize
I welcome VSRE emails. Learn more at http://vsre.info/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]