Re: [cti] STIX 2.0-draft1

[Jerome Athias <athiasjerome@gmail.com>]

In Core Concepts, Version 2.0-draft-1

5. Abstract and  6. Introduction first block of text are identical. We
would have to 'rephrase' one (as it is not pleasant reading the same
thing twice)

Suggestion: look at the TC charter/presentation page




On Fri, Jul 22, 2016 at 8:02 AM, Jerome Athias <athiasjerome@gmail.com> wrote:
> Appendix - Acronym Glossary
>
> New comer, first time reader, would not be familiar with acronyms/abbreviations.
> While so far, I've observed they are properly introduced in the text
> at first time of appearance,
> A dedicated section (at the end of the document) would be helpful.
>
> e.g.:
> CTI
> TLO
> SDO
> ...
>
>
>
>
>
>
> On Fri, Jul 22, 2016 at 7:56 AM, Jerome Athias <athiasjerome@gmail.com> wrote:
>> In Core Concepts, Version 2.0-draft-1
>> 6.1. 6.1.Purpose
>> should be
>> 6.1. Purpose
>>
>>
>>
>> On Fri, Jul 22, 2016 at 7:50 AM, Jerome Athias <athiasjerome@gmail.com> wrote:
>>> I suggest, as much as possible, when possible and appropriate, to use
>>> directly the name of the Objects in the descriptions.
>>> e.g.:
>>>
>>> An Attack Pattern is a mechanism for describing and documenting how an
>>> attack against one or more targets may be executed.
>>> would be
>>> An Attack Pattern is a mechanism for describing and documenting how an
>>> attack against one or more Victim Target(s) may be executed.
>>>
>>>
>>> The idea is to favorite the reader in getting familiar with the
>>> terminology/objects names asap, ideally after first read.
>>>
>>>
>>>
>>>
>>> On Fri, Jul 22, 2016 at 7:45 AM, Jerome Athias <athiasjerome@gmail.com> wrote:
>>>> Comments (by emails for now - sorry...) while reviewing...
>>>>
>>>> STIX 2.0 Specification
>>>> Objects and Vocabularies, Version 2.0-draft-1
>>>>
>>>> 1. STIX Domain Objects
>>>>
>>>> Consider rephrasing:
>>>>
>>>> SDOs describe separate but related CTI data
>>>> into
>>>> SDOs describe separate, but related, CTI data
>>>> -------------------------------------------------------------------------------------------------------------------------------------------------
>>>> and they are designed to allow producers flexibility in how SDOs are associated
>>>> into
>>>> and they are designed to provide flexibility to producers while
>>>> describing how SDOs are associated
>>>> -------------------------------------------------------------------------------------------------------------------------------------------------
>>>> This modularity allows a large number of scenarios to be described
>>>> into
>>>> This modularity allows for a large number of scenarios to be described
>>>> -------------------------------------------------------------------------------------------------------------------------------------------------
>>>> which maximizes the usefulness of STIX in the CTI space.
>>>> into
>>>> which maximizes the efficiency of STIX in the CTI space, and ensure
>>>> extensibility.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, Jul 19, 2016 at 2:40 AM, Wunder, John A. <jwunder@mitre.org> wrote:
>>>>> All,
>>>>>
>>>>>
>>>>>
>>>>> After 6+ months of excellent work by the TC, the STIX editors feel that
>>>>> we’re now at the point where the STIX 2.0 working documents are “complete”
>>>>> and ready for a holistic review. There are still a couple TODOs and maybe
>>>>> some rough edges but content-wise we’re basically there. We’ve tagged the
>>>>> current version of these document versions “STIX 2.0 draft-1”: the first
>>>>> draft for what will become STIX 2.0. Congratulations, everyone!
>>>>>
>>>>>
>>>>>
>>>>> The release of this draft begins a two-week comment period: through July
>>>>> 29th, we’re hoping/expecting that each of you can take the time to do an
>>>>> in-depth review of the documents and provide your comments for discussion.
>>>>> During this period the documents will remain in Google Docs and we’ll be
>>>>> able to quickly iterate to incorporate changes and ensure that what comes
>>>>> out is the best the TC has to offer. As usual, comments and suggestions
>>>>> directly in Google Docs are the easiest for us to handle, but we’ve also
>>>>> exported PDFs and Word documents (attached) if that’s easier for you.
>>>>>
>>>>>
>>>>>
>>>>> I can’t stress this enough: now is the time to review these documents. For
>>>>> these two weeks, while the documents are in Google Docs and we have a few
>>>>> weeks left before August, we can still be relatively agile about making
>>>>> changes. In the first week of August, when we move to the OASIS template,
>>>>> we’ll lose much of that agility and have to become much more deliberate.
>>>>> It’s not a bad thing, it’s a part of the process, and comments are of course
>>>>> still greatly appreciated, but it does put more of a burden on your already
>>>>> overworked editors to adjudicate them and keep the documents up to date.
>>>>>
>>>>>
>>>>>
>>>>> Please feel free to re-distribute these documents, but keep in mind it’s an
>>>>> early draft and will likely change quite a bit. As usual, comments from
>>>>> non-TC members are acceptable but must be made through official channels on
>>>>> the cti-comment mailing list
>>>>> (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=cti).
>>>>>
>>>>>
>>>>>
>>>>> Assuming we get a lot of comments and the documents improve this week we
>>>>> expect to release draft-2 next Monday. Also, on the working call tomorrow
>>>>> we’ll give you a bit of a tour of the documents and point out areas to focus
>>>>> on. We’ve also started work on schemas and examples for this draft, which
>>>>> should be available by the middle of this week.
>>>>>
>>>>>
>>>>>
>>>>> Thanks,
>>>>>
>>>>> John, Bret, and Aharon (your STIX Editors & Co-Chairs)
>>>>>
>>>>>
>>>>>
>>>>> PS: We still have the final STIX 2.0 specification split in two to keep
>>>>> Google Docs from exploding. The intent is that when we move to the OASIS
>>>>> specification the documents will be combined into one.
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe from this mail list, you must leave the OASIS TC that
>>>>> generates this mail.  Follow this link to all your TCs in OASIS at:
>>>>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php