OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti-stix message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: Things that are difficult in STIX



While I obviously haven’t had a chance to read this in detail, I have skimmed it and I must say that I’m impressed at the amount of thought that has gone into this analysis.  Furthermore, I think that this analysis and the discussions that this will undoubtedly inspire (provoke?) are a testament to the strength of the STIX/TAXII community.  While there are many organizations around the globe successfully using STIX/TAXII, we all understand that there is a lot of room for improvement.  The fact that this community is dealing with these issues head-on bodes very well for the long-term prospects for the STIX/TAXII ecosystem.


Thanks to you and everyone who contributed to the development of this!  Let’s all roll up our sleeves and get to work to make STIX even better.




Richard J. Struse 

Chair, OASIS Cyber Threat Intelligence (CTI) Technical Committee


Chief Advanced Technology Officer

National Cybersecurity and Communications Integration Center (NCCIC) and

Stakeholder Engagement and Cyber Infrastructure Resiliency (SECIR)

Cyber Security & Communications

U.S. Department of Homeland Security

e-mail:  Richard.Struse@dhs.gov
Phone:  202-527-2361




From: cti-stix@lists.oasis-open.org [mailto:cti-stix@lists.oasis-open.org] On Behalf Of Terry MacDonald
Sent: Tuesday, November 17, 2015 8:47 PM
To: cti-stix@lists.oasis-open.org
Subject: [cti-stix] Things that are difficult in STIX


Hi All,


We’ve spent a bit of time over the last 2 weeks thinking about where STIX could be improved. We’ve gone through the various discussion points that people have raised on and off list, and through the various experiences that we’ve had ourselves in using STIX.  The attached document is the result of that work. In it we list 25 topics that we believe could be improved in some way (or at least should be discussed).


Our hope is that the document will help prompt discourse, and move us towards consensus so that we can agree some of the cross-cutting major issues that Sean mentioned in his STIX v2.0 Roadmap wiki page. We plan to add these items to the STIX issue tracker, and to the STIX v2.0 Roadmap wiki page, so that they are accurately tracked and followed.


Please feel free to provide feedback on this document – positive or not – as the end goal is making something that was better than before. We have thick skins J.


Also - thank you to all who provided items for inclusion in the list. I haven’t named people as I wasn’t sure if they wanted their names public. But please accept my thanks for your input.




Terry MacDonald

Senior STIX Subject Matter Expert

SOLTRA | An FS-ISAC and DTCC Company

+61 (407) 203 206 | terry@soltra.com



Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]