Balllot set up: [was: OASIS CTI-wide resolution on the MTI serialization ]

[Robin Cover <robin@oasis-open.org>]

FYI to the list for public subscribers and for readers of the archive: URI references for the ballot that are not password protected

-rcc

=======================

Ballot URIs:

Public: https://www.oasis-open.org/committees/ballot.php?id=2889

Password protected: https://www.oasis-open.org/apps/org/workgroup/cti/ballot.php?id=2889

Ballot Question: Do you approve the adoption of a JSON/JSON Schema-based MTI representation for TAXII 2.0, STIX 2.0 and CybOX 3.0 refactoring efforts?

Ballot Description: NOTE: The purpose of this ballot is to unify the TC and settle an issue that has been debated for months. This is a non-binding ballot that can be reversed at any time in the future by simple majority vote of the TC. This vote will run for two weeks to ensure adequate time given the upcoming Thanksgiving holiday in the United States. Please see Trey Darley's post for much more detail on how this in no way impacts our ability to pursue alternative serialization formats in the future (XML, protobufs, JSON-LD, OWL, etc.)

Public: https://lists.oasis-open.org/archives/cti/201511/msg00105.html

Password protected: https://www.oasis-open.org/apps/org/workgroup/cti/email/archives/201511/msg00105.html

Elaboration:

============

By adopting an MTI representation, we are explicitly requiring any vendor or software product claiming CTI-compatibility to minimally support the JSON serialization. Vendors are free to define and support additional serializations (XML, protobufs, etc.) to address their specific use cases, but if they do not support the MTI serialization, their products are not CTI-interoperable and they cannot claim to support the CTI standards.

The committee chairs recognize the need for additional optional serialization formats, either now or in the future. The committee chairs are prepared to support standardizing alternative serialization formats for interoperability purposes in collaboration with the interested parties but until the TC has approved the STIX 2.0, TAXII 3.0 and CybOX 3.0 specifications we as a community do not have the bandwidth to support this effort.

Regardless of what alternative serialization formats may be defined and standardized in the future, the JSON MTI will remain the "must be this tall to ride" in terms of CTI standards compliance.

With:

https://lists.oasis-open.org/archives/cti/201511/msg00107.html

On Fri, Nov 20, 2015 at 10:58 AM, Trey Darley <trey@soltra.com> wrote:

On 20.11.2015 16:55:17, Wunder, John A. wrote:
> I second it.
>
>

Thanks, John!

Let the record show that the motion to put the serialization MTI
resolution to a vote passed. Now let's setup a vote so we can take a
decision.


Resolved:
=========
The CTI community will embrace a JSON/JSON Schema-based MTI
representation for the TAXII 2.0, STIX 2.0, and CybOX 3.0 refactoring
efforts.

Elaboration:
============
By adopting an MTI representation, we are explicitly requiring any
vendor or software product claiming CTI-compatibility to minimally
support the JSON serialization. Vendors are free to define and support
additional serializations (XML, protobufs, etc.) to address their
specific use cases, but if they do not support the MTI serialization,
their products are not CTI-interoperable and they cannot claim to
support the CTI standards.

The committee chairs recognize the need for additional optional
serialization formats, either now or in the future. The committee
chairs are prepared to support standardizing alternative serialization
formats for interoperability purposes in collaboration with the
interested parties but until the TC has approved the STIX 2.0, TAXII
3.0 and CybOX 3.0 specifications we as a community do not have the
bandwidth to support this effort.

Regardless of what alternative serialization formats may be defined
and standardized in the future, the JSON MTI will remain the "must be
this tall to ride" in terms of CTI standards compliance.

--
Cheers,
Trey
--
Trey Darley
Senior Security Engineer
4DAA 0A88 34BC 27C9 FD2B  A97E D3C6 5C74 0FB7 E430
Soltra | An FS-ISAC & DTCC Company
www.soltra.com
--
"No matter how hard you push and no matter what the priority, you
can't increase the speed of light." --RFC 1925

--

Robin Cover
OASIS, Director of Information Services
Editor, Cover Pages and XML Daily Newslink
Email: robin@oasis-open.org
Staff bio: http://www.oasis-open.org/people/staff/robin-cover
Cover Pages: http://xml.coverpages.org/
Newsletter: http://xml.coverpages.org/newsletterArchive.html
Tel: +1 972-296-1783