I would love an issue tracker that worked like stackexchange / stackoverflow
Thanks,
Bret Bret Jordan CISSPDirector of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
The problem I have with the Github trackers is there is no way to vote on anything. You can log and issue and comment... that is about it. There is no way for prioritization to take place.
Does the OASIS wiki have voting support like Mediawiki? I'd really like to have some type of voting or star-type system on issues that are logged.
This has always been one of my largest gripes against Github.
- Jason Keirstead Product Architect, Security Intelligence, IBM Security Systems www.ibm.com/security | www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
<graycol.gif>Aharon Chernin ---2015/07/28 10:21:18 AM---The conversations can occur in the mailing lists as long as people like. However, at some point the
From: Aharon Chernin <achernin@soltra.com> To: "Wunder, John A." <jwunder@mitre.org>, "Jordan, Bret" <bret.jordan@bluecoat.com> Cc: Jason Keirstead/CanEast/IBM@IBMCA, Trey Darley <trey@soltra.com>, "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org> Date: 2015/07/28 10:21 AM Subject: Re: [cti-stix] Proposal - Change Report Object
The conversations can occur in the mailing lists as long as people like. However, at some point the conversations should be logged as issues in the GitHub issue trackers so that we don't lose track and let the item peter out. Anyone can open the issue, but we may want to create a more sustainable process long term. Aharon Chernin CTOSOLTRA | An FS-ISAC & DTCC Company18301 Bermuda green DrTampa, fl 33647813.470.2173 | achernin@soltra.comwww.soltra.com
From: Wunder, John A. <jwunder@mitre.org> Sent: Monday, July 27, 2015 12:40 PM To: Jordan, Bret; Aharon Chernin Cc: Jason Keirstead; Trey Darley; cti-stix@lists.oasis-open.org Subject: Re: [cti-stix] Proposal - Change Report Object FWIW this would potentially be overcome by the top-level relationship construct. Though, for things like indicator composition and the observable within an indicator you would probably not use that construct.Aharon and Sean, how do you want to handle these types of discussions to work towards a decision? I know on the MITRE lists we would have these discussions and they would sometimes kind of peter out without a solid consensus. Any thoughts on how to avoid that here?JohnFrom: "Jordan, Bret" Date: Monday, July 27, 2015 at 12:33 PM To: Aharon Chernin Cc: "Wunder, John A.", Jason Keirstead, Trey Darley, "cti-stix@lists.oasis-open.org" Subject: Re: [cti-stix] Proposal - Change Report ObjectAgreed.. We need to talk through this and think about it. We need to weigh the value of it and its complexity and impossibility to implement, versus something much easier to understand and easier to implement. Some of the existing constructs in STIX I think need to be dropped and replaced in whole with something easier to understand and use. Composite indicators might be one of those case, but I have not spent enough time thinking about them yet. Too focused on other areas that are hemorrhaging. Thanks,BretBret Jordan CISSP Director of Security Architecture and Standards | Office of the CTOBlue Coat SystemsPGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050"Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
On Jul 27, 2015, at 10:28, Aharon Chernin <achernin@soltra.com> wrote:
In general, I favor referencing over inline. The only thing I haven't put much thought on is how I feel about requiring referencing when doing something like composite indicators.
Aharon Chernin CTO SOLTRA | An FS-ISAC & DTCC Company 18301 Bermuda green Dr Tampa, fl 33647 813.470.2173 | achernin@soltra.com www.soltra.com
From: cti-stix@lists.oasis-open.org <cti-stix@lists.oasis-open.org> on behalf of Jordan, Bret <bret.jordan@bluecoat.com> Sent: Monday, July 27, 2015 12:19 PM To: Wunder, John A. Cc: Jason Keirstead; Trey Darley; cti-stix@lists.oasis-open.org Subject: Re: [cti-stix] Proposal - Change Report Object I could go with that...
Thanks,
Bret
Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
On Jul 27, 2015, at 10:07, Wunder, John A. <jwunder@mitre.org> wrote:
I'm going to throw out there that we should make ALL relationships between top-level constructs reference only. That would include Report, but also things like TTPs in Indicators, etc.
From: <cti-stix@lists.oasis-open.org> on behalf of Jason Keirstead Date: Monday, July 27, 2015 at 11:59 AM To: Trey Darley Cc: "Jordan, Bret", "cti-stix@lists.oasis-open.org" Subject: Re: [cti-stix] Re: Proposal - Change Report Object
I also +1 this if we are counting votes.
- Jason Keirstead Product Architect, Security Intelligence, IBM Security Systems www.ibm.com/security | www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
<graycol.gif>Trey Darley ---2015/07/27 12:13:59 PM---+100, Bret! Cheers,
From: Trey Darley <trey@soltra.com> To: "Jordan, Bret" <bret.jordan@bluecoat.com>, "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org> Date: 2015/07/27 12:13 PM Subject: [cti-stix] Re: Proposal - Change Report Object Sent by: <cti-stix@lists.oasis-open.org>
+100, Bret!
Cheers, Trey -- Trey Darley Senior Security Engineer Soltra | An FS-ISAC & DTCC Company www.soltra.com
From:cti-stix@lists.oasis-open.org <cti-stix@lists.oasis-open.org> on behalf of Jordan, Bret <bret.jordan@bluecoat.com> Sent: Monday, July 27, 2015 16:57 To: cti-stix@lists.oasis-open.org Subject: [cti-stix] Proposal - Change Report Object
In STIX 2.0 I would like to propose that we change the Report Object to contain just reference to the objects that it is binding. I do not want to see it contain data itself.
[soap box] We need one way of doing things and the current data-model of STIX, while beautiful, makes writing a decision tree in code for some arbitrary data in a STIX package nearly impossible. . [/soap box]
Thanks,
Bret
Bret Jordan CISSP Director of Security Architecture and Standards | Office of the CTO Blue Coat Systems PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050 "Without cryptography vihv vivc ce xhrnrw, however, the only thing that can not be unscrambled is an egg."
<graycol.gif>
|