[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti-stix] RE: STIX MVP
Thanks Terry and Mark, great feedback. I talked it over with Mark on slack a little and decided to add the columns Terry suggested. This way we can tell whether a “not MVP” vote is really saying do it later or actually saying don’t do it at all. I also
saw comments about certain rows not being clear so I added explanations to all of them.
Lastly, if you’re comfortable making them public, please send your thoughts to the list so we can see and discuss them. If not, send them directly to me. I’ll keep track of all the responses I see and update the doc accordingly.
Here are my responses.
From: Mark Davidson <mdavidson@soltra.com>
Date: Wednesday, March 30, 2016 at 7:23 AM To: Terry MacDonald <terry@soltra.com>, "Wunder, John A." <jwunder@mitre.org>, "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org> Subject: Re: [cti-stix] RE: STIX MVP At first I wanted the 2.x vs “never” distinction, but I’m now realizing we probably don’t want to spend much time discussing the difference between 2.x/never. It might be useful to capture, but I think the high value distinction is in/out for 2.0.
I think that once we get an in/out list for 2.0 (thank you John for doing this – I can already see it’s going to be a lot of work) I think it might make sense to prioritize this list. There’s a few methods out there, and we’d just have to pick one that’s
supported by Kavi/SurveyMonkey/etc.
Note: I toyed with survey monkey for five minutes and found out there is a “ranking” question we could use – example here https://www.surveymonkey.com/r/VNSPCZL.
SurveyMonkey supports emailing the survey (instead of a web link) so I think we could have sufficient access controls.
Thank you.
-Mark
From: <cti-stix@lists.oasis-open.org> on behalf of Terry MacDonald <terry@soltra.com>
Date: Tuesday, March 29, 2016 at 7:41 PM To: "Wunder, John A." <jwunder@mitre.org>, "cti-stix@lists.oasis-open.org" <cti-stix@lists.oasis-open.org> Subject: [cti-stix] RE: STIX MVP I started going through this list today, but there are somethings in here that need further clarification about how much support we’ll aim to support
in each version of STIX. For example, I’d be happy to support a fairly simple identity object that specifies some simple information about Identity for STIX v2.0, but I wouldn’t necessarily support the full CIQ implementation of CIQ as part of the STIX v2.0
MVP. In other words, some of these topics are potentially very large rabbit holes to do down, and yet if we start of with basic functionality then they
are achievable for STIX v2.0 first release. Could we please change the headings in the table provided to be: ·
This release (2.0)
·
Future releases (2.x)
·
Not Required This will allow people to say what they don’t want in there, and to understand that not having things now still means they will happen in the future. Cheers
Terry MacDonald Senior STIX Subject Matter Expert SOLTRA | An FS-ISAC and DTCC Company +61 (407) 203 206 |
terry@soltra.com From:cti-stix@lists.oasis-open.org
[mailto:cti-stix@lists.oasis-open.org]
On Behalf Of Wunder, John A. Hey everyone, On our working group call today, one of the things we talked through was nailing down topics for the STIX 2.0 MVP (minimally viable product). To get things started,
I put together the following notional checklist after looking at what was in STIX 1.2, our draft for 2.0, and the issue tracker: https://docs.google.com/document/d/1yvqWaPPnPW-2NiVCLqzRszcx91ffMowfT5MmE9Nsy_w/edit# I have two requests for each of you:
We’ll regroup on the working group call next week. Depending on how many responses we’ve gotten we can hopefully make progress towards marking things definitely
yes or definitely no, then talk about the things in the middle. What we discussed on the call is that we’ll get to some rough consensus on a final checklist that we can have an official ballot on. John PS: As I finished typing this up I realized that both STIX co-chairs are out so I’m kind of out on a limb here. Sean and Aharon may have other ideas when they get
back, but minimally this approach seems to make sense for the time being to get us all on the same page even if they have a different path towards solidifying it. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]