RE: [cti-stix] Moving STIX 1.X Forward

["Bush, Jonathan" <jbush@dtcc.com>]

Definitely agree.  We are rehashing the same arguments over and over, but making little to no real progress.

 

 

From: cti-stix@lists.oasis-open.org [mailto:cti-stix@lists.oasis-open.org] On Behalf Of Jason Keirstead
Sent: Friday, October 09, 2015 5:26 PM
To: cti-stix@lists.oasis-open.org
Subject: [cti-stix] Moving STIX 1.X Forward

 

Hello all. One thing that has become apparent during the past month of debate - STIX 2.0, no matter what it may end up being - is going to be quite a ways off before ratification as a standard. There are a lot of problems to solve and a lot more debate to be had, and this is going most certainly take time. However, I am growing a bit concerned that, while all this fantastic debate has been going on - we are neglecting many real-world important deficiencies in the STIX 1.X lineage.

 

I am referring to a number of non-breaking enhancements to STIX that have been discussed back-and-forth on the Oasis and MITRE lists for almost a year.

 

- The need for a new trust-model based marking standard that either significantly enhances the current TLP mechanisms, or replaces them altogether

- The need for improvements to the Sighting mechanisms (the whole +1 discussion)

- The need for sequence based testing

 

I would like to propose that - temporarily - the CTI-STIX subcommittee try to focus on solving some of these immediate concerns that are impacting users of STIX today in the hear-and-now. The futures conversations should continue of course - but I am wondering if we should try to come up with a separate track or committee for these two threads of this discussion, so that the 1.X line can keep moving forward?

 

I just worry a lot that we are suffering from split-brain scenario, and as a result the 1.X line is not moving forward.

 

Does anyone else feel this way?

 

-
Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com

Without data, all you are is just another person with an opinion - Unknown

--------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

DTCC DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error, please notify us immediately and delete the email and any attachments from your system. The recipient should check this email and any attachments for the presence of viruses.  The company accepts no liability for any damage caused by any virus transmitted by this email.