[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] STIX 2.0-draft1
In Core Concepts, Version 2.0-draft-1 5. Abstract and 6. Introduction first block of text are identical. We would have to 'rephrase' one (as it is not pleasant reading the same thing twice) Suggestion: look at the TC charter/presentation page On Fri, Jul 22, 2016 at 8:02 AM, Jerome Athias <athiasjerome@gmail.com> wrote: > Appendix - Acronym Glossary > > New comer, first time reader, would not be familiar with acronyms/abbreviations. > While so far, I've observed they are properly introduced in the text > at first time of appearance, > A dedicated section (at the end of the document) would be helpful. > > e.g.: > CTI > TLO > SDO > ... > > > > > > > On Fri, Jul 22, 2016 at 7:56 AM, Jerome Athias <athiasjerome@gmail.com> wrote: >> In Core Concepts, Version 2.0-draft-1 >> 6.1. 6.1.Purpose >> should be >> 6.1. Purpose >> >> >> >> On Fri, Jul 22, 2016 at 7:50 AM, Jerome Athias <athiasjerome@gmail.com> wrote: >>> I suggest, as much as possible, when possible and appropriate, to use >>> directly the name of the Objects in the descriptions. >>> e.g.: >>> >>> An Attack Pattern is a mechanism for describing and documenting how an >>> attack against one or more targets may be executed. >>> would be >>> An Attack Pattern is a mechanism for describing and documenting how an >>> attack against one or more Victim Target(s) may be executed. >>> >>> >>> The idea is to favorite the reader in getting familiar with the >>> terminology/objects names asap, ideally after first read. >>> >>> >>> >>> >>> On Fri, Jul 22, 2016 at 7:45 AM, Jerome Athias <athiasjerome@gmail.com> wrote: >>>> Comments (by emails for now - sorry...) while reviewing... >>>> >>>> STIX 2.0 Specification >>>> Objects and Vocabularies, Version 2.0-draft-1 >>>> >>>> 1. STIX Domain Objects >>>> >>>> Consider rephrasing: >>>> >>>> SDOs describe separate but related CTI data >>>> into >>>> SDOs describe separate, but related, CTI data >>>> ------------------------------------------------------------------------------------------------------------------------------------------------- >>>> and they are designed to allow producers flexibility in how SDOs are associated >>>> into >>>> and they are designed to provide flexibility to producers while >>>> describing how SDOs are associated >>>> ------------------------------------------------------------------------------------------------------------------------------------------------- >>>> This modularity allows a large number of scenarios to be described >>>> into >>>> This modularity allows for a large number of scenarios to be described >>>> ------------------------------------------------------------------------------------------------------------------------------------------------- >>>> which maximizes the usefulness of STIX in the CTI space. >>>> into >>>> which maximizes the efficiency of STIX in the CTI space, and ensure >>>> extensibility. >>>> >>>> >>>> >>>> >>>> >>>> >>>> On Tue, Jul 19, 2016 at 2:40 AM, Wunder, John A. <jwunder@mitre.org> wrote: >>>>> All, >>>>> >>>>> >>>>> >>>>> After 6+ months of excellent work by the TC, the STIX editors feel that >>>>> we’re now at the point where the STIX 2.0 working documents are “complete” >>>>> and ready for a holistic review. There are still a couple TODOs and maybe >>>>> some rough edges but content-wise we’re basically there. We’ve tagged the >>>>> current version of these document versions “STIX 2.0 draft-1”: the first >>>>> draft for what will become STIX 2.0. Congratulations, everyone! >>>>> >>>>> >>>>> >>>>> The release of this draft begins a two-week comment period: through July >>>>> 29th, we’re hoping/expecting that each of you can take the time to do an >>>>> in-depth review of the documents and provide your comments for discussion. >>>>> During this period the documents will remain in Google Docs and we’ll be >>>>> able to quickly iterate to incorporate changes and ensure that what comes >>>>> out is the best the TC has to offer. As usual, comments and suggestions >>>>> directly in Google Docs are the easiest for us to handle, but we’ve also >>>>> exported PDFs and Word documents (attached) if that’s easier for you. >>>>> >>>>> >>>>> >>>>> I can’t stress this enough: now is the time to review these documents. For >>>>> these two weeks, while the documents are in Google Docs and we have a few >>>>> weeks left before August, we can still be relatively agile about making >>>>> changes. In the first week of August, when we move to the OASIS template, >>>>> we’ll lose much of that agility and have to become much more deliberate. >>>>> It’s not a bad thing, it’s a part of the process, and comments are of course >>>>> still greatly appreciated, but it does put more of a burden on your already >>>>> overworked editors to adjudicate them and keep the documents up to date. >>>>> >>>>> >>>>> >>>>> Please feel free to re-distribute these documents, but keep in mind it’s an >>>>> early draft and will likely change quite a bit. As usual, comments from >>>>> non-TC members are acceptable but must be made through official channels on >>>>> the cti-comment mailing list >>>>> (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=cti). >>>>> >>>>> >>>>> >>>>> Assuming we get a lot of comments and the documents improve this week we >>>>> expect to release draft-2 next Monday. Also, on the working call tomorrow >>>>> we’ll give you a bit of a tour of the documents and point out areas to focus >>>>> on. We’ve also started work on schemas and examples for this draft, which >>>>> should be available by the middle of this week. >>>>> >>>>> >>>>> >>>>> Thanks, >>>>> >>>>> John, Bret, and Aharon (your STIX Editors & Co-Chairs) >>>>> >>>>> >>>>> >>>>> PS: We still have the final STIX 2.0 specification split in two to keep >>>>> Google Docs from exploding. The intent is that when we move to the OASIS >>>>> specification the documents will be combined into one. >>>>> >>>>> >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe from this mail list, you must leave the OASIS TC that >>>>> generates this mail. Follow this link to all your TCs in OASIS at: >>>>> https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]