Re: [cti-stix] MTI Evaluation Criteria

[Jerome Athias <athiasjerome@gmail.com>]

A kind reminder for the pro JSON or others that without proper answers to the requirements we should not be able to go further

(Maybe a PRD document would help)

On Saturday, 24 October 2015, JG on CTI-TC <jg@ctin.us> wrote:

Jerome & All:

Attached is the MTI Evaluation Criteria Matrix I was referring to in the
previous post.  Corrections, adjustments, revisions welcome.

Jane Ginn
CTIN

On 10/19/2015 8:33 AM, Jerome Athias wrote:
> Thank you very much Jane for this effort and sharing information.
>
>
> 2015-10-19 1:29 GMT+03:00 Jane Ginn - jg@ctin.us <jg@ctin.us>:
>> Hi STIX Subcommittee Members:
>>
>> I've been reading with great interest the ongoing debate about establishing
>> a Mandatory To Implement (MTI) binding for moving us forward on STIX 2.0.
>>
>> Before Sean suggested that we table it for a while he had made the point
>> that we need to take 4 keys steps to move discussions forward in a
>> systematic way. I'll paraphrase here.
>>
>> We need to establish:
>>
>> 1)  Requirements and evaluation criteria for selecting an MTI binding;
>>
>> 2) Binding options (capabilities & limitations);
>>
>> 3) A review process to determine how each option would/could meet our
>> evaluation criteria; and
>>
>> 4) A way to guage the priorities and preferences of our members.
>>
>> To advance this agenda I have begun to put together a matrix (see attached)
>> to capture the following:
>>
>> HORIZONTAL AXIS: Evaluation criteria gleaned from the substantive
>> discussions. [Item 1, above]
>>
>> VERTICAL AXIS: Technology stack as characterized by Sean, Cory, Shawn and
>> others. [Refinement to Item 1, above]
>>
>> MATRIX CELLS: Candidate technologies that I have heard mentioned by members
>> of the TC and other interested parties. [Item 2, above]
>>
>> Note that this is just a first cut. I'm offering it here as a potential
>> framework (straw man) for advancing these discussions in a manner that will
>> help us reach a concensus sooner, rather than later. I challenge those of
>> you with an interest in this matter to edit this matrix liberally to help
>> make it really reflect group think. Perhaps it should be added to the wiki
>> for that; which might address Item 3, above.
>>
>> Note that I also acknowledge that any MTI selected for STIX must also
>> accommodate the needs of CybOX. A similar sort of matrix could be
>> constructed for that MTI selection process, if needed.
>>
>> To address Item 4 I'd like to suggest a Survey Monkey survey that captures
>> some of the ideas that get flushed out in the matrix and gives us a
>> quantitative guage of member preferences.
>>
>> All for now,
>>
>> Jane Ginn, MSIA, MRP
>> Cyber Threat Intelligence Network, Inc.
>> jg@ctin.us
>>
>>