Re: [cti] RFI & Motion: JSON MTI & JSON Schemas

["Wunder, John A." <jwunder@mitre.org>]

I’ve spent a little bit of time working on these and have a version in my personal repo: http://github.com/johnwunder/stix2.0. Rich Piazza also converted over the old idioms from the STIX 1.2 github.io site.

As Aharon said, though, things are still in so much flux that it doesn’t really make a lot of sense to keep them in sync with the text specs. I would make a change and a day later someone would suggest something different. IMO these are something that we should start to work on more once we have things very close to finalized.

Another comment is that I’ve seen people using the term “normative” in relation to the schemas. I used to think the schemas would be normative too but was convinced otherwise. Schemas should be informative…that way you can resolve disagreements between the schemas and the text specifications in favor of the text specifications and ensure consistency across all of the serializations (MTI and otherwise). This is how MITRE has done other specs as well, and is how TAXII 1.1’s XML Binding Specification is written.

John

From: <cti@lists.oasis-open.org> on behalf of Aharon Chernin <achernin@soltra.com>
Date: Sunday, April 10, 2016 at 9:35 AM
To: Patrick Maroney <Pmaroney@Specere.org>, OASIS CTI TC Discussion List <cti@lists.oasis-open.org>
Subject: Re: [cti] RFI & Motion: JSON MTI & JSON Schemas

Pat,

In my opinion, STIX 2 and CybOX 2 are in too much flux to focus on their schema implementations. However, I would always encourage the community to work on schemas implementations early in the process if the would like to donate the man hours to the group.

More points towards our lack of focus on schema representation at this point:

*) We have not reached consensus on the definition of what an “observation” is, and several other frequently used high level objects, in STIX 2. An email went out from John Wunder on Thursday to the STIX TC asking for comments on both the definition of a few of the STIX high level objects and how they work together in the STIX 2 pre-draft specs. The response to this would be a good gauge to our closeness on consensus. 

*) A word of caution. STIX TC members wishing to invest the hours to build JSON schema implementations at this time risk large changes in the spec until we reach pre-draft consensus.   

*) I think the community is in alignment that a JSON schema should be made based on the agreed STIX 2 specification. I also think it is acceptable to get JSON schema availability timing based on STIX 2 draft specifications when they are available.

Aharon

From: <cti@lists.oasis-open.org> on behalf of Patrick Maroney <Pmaroney@Specere.org>
Date: Saturday, April 9, 2016 at 4:20 PM
To: OASIS CTI TC Discussion List <cti@lists.oasis-open.org>
Subject: [cti] RFI & Motion: JSON MTI & JSON Schemas

Obviously, the STIX and CybOX specifications are still very much under development.  However, I'm unable to locate any notional/draft JSON Schemas for STIX or CybOX on GitHub, OASIS Document libraries, or Slack Channel. The fact that there are only 6 posts in the 10,000's of Slack Channels/postings that even contain the word "schema" would indicate that there is no current focus on JSON Schemas.

(1) Do these exist anywhere within the known CTI TC document locations? If so, where?

(2) Do these exist anywhere in CTI TC member locations (e.g. GitHub)? If so, where?

(3) If not what is the current road map (with estimated target dates) for their creation as part of the JSON MTI?

Hopefully we have CTI TC consensus that the inclusion of normative JSON Schemas for the OASIS CTI TC Committee Specifications and Standards are critical to our success in many endeavors.  

To quickly and formally establish if this consensus exists, I submit the following motion to the CTI TC:

Motion: "I move that the inclusion of normative JSON Schemas in all OASIS CTI TC Committee Specifications and Standards based on a JSON MTI are critical to our success and are therefore mandatory deliverables".

Of particular immediate concern as one of the CTI TC Interoperability SC cochairs (and basis for formally raising this topic today) relates to the substantive technical body of work that is required to develop normative Interoperability and Conformance Documentation, Use Cases/Scenarios, Test Suites, Test Descriptor, Tools, and CTI Interoperability Testing services.

These CTI Interoperability efforts require a significant amount of planning and coordination.  The road map and target dates for the delivery of the draft JSON Schemas by the STIX and CybOX SCs represent critical dependencies  and potential high risk blocking milestones.

Note:  I created the "json-mti-schema" Slack Channel for advancing the planning and related discourse on the specific topic of CTI TC JSON schemas (and coordination of delivery of same)

Patrick Maroney
President
Integrated Networking Technologies, Inc.
Desk: (856)983-0001
Cell: (609)841-5104
Email: pmaroney@specere.org