OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

csaf message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: 'Minutes of 2022-05-18 meeting

Dear colleagues,

As requested by the TC Admins, please find the meeting minutes of our last meeting on May 18, 2022 below. The content of this can also be (immutably) retrieved using the GitHub-Link containing the Git-Hash: https://github.com/oasis-tcs/csaf/blob/ecf1b38564a8faebee493591f8f4caaec305ff9c/meeting_minutes/2022-05-18.md

The Archive with the files is available at https://github.com/oasis-tcs/csaf/releases/download/csd-02-20220329-rc2/csd-02-20220329-rc2.zip Its SHA256 is 
25a5591111c8ae7f4296953b717dd056173b7fbf1bbd1174ae28ad6840691b17  csd-02-20220329-rc2.zip

Included Artifacts

876548f33947186b2415bb1550a50348fe69b118309dad82e68f1eba3d679dca  aggregator_json_schema.json
81ea3eee9ae11d85c083a01ad2c00e096ee5d4caa85a631bf75413bd36c3e936  csaf_json_schema.json
07b8313146db1c58cb5095d94570d65202ae67d3ac36bce9efd958d6ba14ddb7  csaf-v2-editor-draft.md
0270d0cfadf5202ff83a63502012a407e0e8ec3194a07296f13641c9f5630aba  provider_json_schema.json

Best regards,
Thomas

--------

Common Security Advisory Framework (CSAF) Technical Committee Monthly Meeting

    Meeting Date: May 18, 2022
    Time: 1:00 pm US EDT

Call to Order and Welcome

Meeting called to order @ 1:06 PM US EDT
Roll call

All participants recorded their attendance on the OASIS meeting calendar. All participants were kindly encouraged to register themselves to optimize the use of the shared time during the meeting in one of two ways:

    Clicking the link with the text "Register my attendance" on the top of the event page.
    Or directly visiting the per event direct "record my attendance link."

Quorum was reached.
Participants

    Stefan Hagen, Individual (Voting Member)
    Feng Cao, Oracle (Voting Member)
    Tania Ward, Dell (Voting Member)
    Jame Ginn, Cyber Threat Intelligence Network, Inc (Member)
    Russ Selph, TIBCO (Voting Member)
    Patrick Maroney, AT&T (Voting Member)
    Robert Keith, Accenture (Voting Member)
    Denny Page, TIBCO Software, Inc. (Voting Member)
    Russ Selph, TIBCO Software, Inc. (Member)
    Thomas Proell, Siemens (Voting Member)
    Thomas Schmidt, Federal Office for Information Security (Voting Member)
    Robert Keith, Accenture (Voting Member)
    Rhonda Levy, Cisco Systems (Voting Member)
    Omar Santos, Cisco Systems (Chair)
    Duncan Sparrell, sFractal Consulting LLC (Member)

Observers present

None

Note: Observers of this committee that are ready to become Members should follow the specific instructions displayed the OASIS Open Notices tab.
Agenda

    Roll Call via sef-registration
    Review and Discuss non-material specifications
    New Editor revision with non-material changes: https://github.com/oasis-tcs/csaf/pull/543/files
    Non-material changes to the schema (clarify wording around serial and model numbers and skus): https://github.com/oasis-tcs/csaf/pull/548/files
    Non-material changes to the schema (clarify wording around acknowledgments_t/names): https://github.com/oasis-tcs/csaf/pull/549/files
    Non-material changes to the schema (Resolving inconsistencies and improving wording): https://github.com/oasis-tcs/csaf/pull/550/files
    Non-material changes clarifying the use of the categories in remediation items: https://github.com/oasis-tcs/csaf/pull/540/files
    Next Steps
    Adjourn

Meeting Notes

    New Editor revision with non-material changes. (https://github.com/oasis-tcs/csaf/pull/543)
        All feedback received was from TC and not from outside.
        Thomas Schmidt set motion to approve and merge changes to pull request #543, to master branch.
        Denny requested a minor change take out "just published."
        Omar second motion.
        Motion approved.

    Partial (model/serial) numbres / SKUs #548 (https://github.com/oasis-tcs/csaf/pull/548)
        Non-material changes to the schema (clarify wording around serial and model numbers and skus).
        Thomas Schmidt set motion to approve pull request #548.
        Denny second motion.
        Motion approved.
        Omar to merge.

    Non-material changes to the schema (clarify wording around acknowledgments_t/names). (https://github.com/oasis-tcs/csaf/pull/549)
        Clarify entitiy "person" to be consistent and downlevel word. "Contributor" to be used and consistently in place of "person" - changing "person" to "contributer" in all places.
        Thomas Schmidt set motion to accept pull request #549.
        Tania second motion.
        Motion approved.
        Omar to merge.

    Non-material changes to the schema (Resolving inconsistencies and improving wording) (https://github.com/oasis-tcs/csaf/pull/550)
        Thomas Schmidt set motion to accept pull request #550 as is.
        Denny second motion.
        Motion approved.
        Omar to merge.

    Non-material changes clarifying the use of the categories in remediation items (https://github.com/oasis-tcs/csaf/pull/540)
        No fix and vendor fix are mutually exclusive.
        Clarified non avaialbe is stating no fix or remediation available.
        Resolved inconsistencies.
        Thomas Schmidt set motion to accept pull request #540 as is.
        Thomas Proell second motion.
        Motion #540 pull request approved
        Omar to merge.

    Pull request VEX Justification #538 (https://github.com/oasis-tcs/csaf/pull/538)
        Addresses parts of #517
        Add information stub (link still missing)
        Working to get it aligned with CSAF documentation.
        Suggestion is to merge as is and put task on editors to work with admins and to add link when it's available - by the end of this week.
        Have ballot before and link afterwards (generic link is ok).
        Thomas Schmidt set motion to approve doc in pull request #538 and with appropriate link when it's available.
        Thomas Proell second motion.
        Motion approved with no modifications.

    Test 6.1.31 - Pull Request #552 (https://github.com/oasis-tcs/csaf/pull/552)
        The proposed changes are non-material and do not affect the schema
        Omar suggested using it as a starting point.
        Resolves #547
        Clarifies case insensitivity.
        Add additional words as suggested
        Thomas set motion to change items highlighted in #547 pull request for #552 pull request.
        Stefan second motion.
        Motion approved.
        Omar to merge.

    A motion has been issued by Stefan Hagen to promote the resulting revised work products to CS02 including non-material changes only.
        The files are now linked as Release in Github (https://github.com/oasis-tcs/csaf/releases/tag/csd-02-20220329-rc2)
        Denny second motion.
        Motion passed.

    Omar set motion to cancel monthly meeting next week.
        Stefan and Denny second motion.
        Motion approved.
        Omar Will cancel next week's meeting.

Adjourn

    Omar set motion to adjourn meeting.
    Denny seconded to motion.
    The meeting adjourned at 2:02 PM US EDT

Note: All monthly meetings take place on the last Wednesday of each month at 1:00 PM US EDT. The next meeting will be held on June 29, 2022.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]