Hi Thomas - Well that's how you kick off the new year! Very exciting.Â
I have copied Jamie to contrast and compare ISO versus ITU. He manages our liaison relationships and share thoughts on why you want to go with one versus the other. I will say that STIX and TAXII have been submittedÂto ITU and that seems to be where other security/cybersecurity standards have gone. But I don't have the background that Jamie has.Â
In my experience, I have not seen us submit OASIS Standards to multiple SDOs. I think that couldÂcause some confusion as to which ones take precedence, for example in issuing regulations.Â
- The TC will draft a document providing the terms of submission to the other organization. This is a short, 2 page form and I can send you examples that you can use as guidance. The template is in the policy document.Â
- You then request a Special Majority Vote to approve submitting the terms to the OASIS President as a request that OASIS makes this submission.Â
- Assuming the vote passes, we review the terms to ensure all is in order (Of course it will be because we'll have gone back and forth on it while you work on it) and then I will circulate it to the OASIS members for a 30 day review period.Â
- At the end of that period, assuming all is in order and no comments came in that need addressing, OASIS will make the submission. At that point, the receiving organization's processes will take over and we will just monitor.Â
Note that the terms will make clear that the TC retains responsibility for maintaining the Standard. You also commit to submit future updates to the organization as well.Â
Let me know if you have questions on this.Â
/chet