I believe that once some of the big 'direction' decisions are taken with STIX v2.0 that the actual implementation at the lower levels will flow quite smoothly. At these initial stages, there will always be some passionate arguments over the major design decisions that will take some time to sort through; this is part of working within a standards body. A lot of this has already been discussed even before STIX moved to OASIS from MITRE, so I don't think it will take as long as some people are feeling it will.
Terry MacDonald | STIX, TAXII, CybOX Consultant
![]()
I am worried that work on a STIX v1.3 would just delay STIX v2.0 even longer than it otherwise would be.
Cheers
Terry MacDonald | STIX, TAXII, CybOX Consultant
Disclaimer: The opinions expressed within this email do not represent the sentiment of any other party except my own. My views do not necessarily reflect those of my employers.
On 10 October 2015 at 15:21, Jerome Athias <athiasjerome@gmail.com> wrote:
If possible, I would suggest a weekly status of the issues tracked in github.
On Saturday, 10 October 2015, Jason Keirstead <Jason.Keirstead@ca.ibm.com> wrote:Hello all. One thing that has become apparent during the past month of debate - STIX 2.0, no matter what it may end up being - is going to be quite a ways off before ratification as a standard. There are a lot of problems to solve and a lot more debate to be had, and this is going most certainly take time. However, I am growing a bit concerned that, while all this fantastic debate has been going on - we are neglecting many real-world important deficiencies in the STIX 1.X lineage.I am referring to a number of non-breaking enhancements to STIX that have been discussed back-and-forth on the Oasis and MITRE lists for almost a year.- The need for a new trust-model based marking standard that either significantly enhances the current TLP mechanisms, or replaces them altogether- The need for improvements to the Sighting mechanisms (the whole +1 discussion)- The need for sequence based testingI would like to propose that - temporarily - the CTI-STIX subcommittee try to focus on solving some of these immediate concerns that are impacting users of STIX today in the hear-and-now. The futures conversations should continue of course - but I am wondering if we should try to come up with a separate track or committee for these two threads of this discussion, so that the 1.X line can keep moving forward?I just worry a lot that we are suffering from split-brain scenario, and as a result the 1.X line is not moving forward.Does anyone else feel this way?-
Jason Keirstead
Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security | www.securityintelligence.com
Without data, all you are is just another person with an opinion - Unknown
--------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php