OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: STIX RC3 Review & Implementation Feedback


We have turned back on comment rights for everyone.  Please use this document for links to all of the currently active documents.




From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Wunder, John A. <jwunder@mitre.org>
Sent: Friday, November 18, 2016 1:47:33 PM
To: cti@lists.oasis-open.org
Subject: [cti] STIX RC3 Review & Implementation Feedback



Thanks for working with us on the review of STIX RC3. We’ve had some very good feedback across all five documents and continue to make progress finalizing things.


We’ve also had some broader feedback from Allan that’s based on him passing STIX 2.0 to his implementation team to get their opinions on things. His team had some thoughts/comments on these topics:


-          Versioning (version attribute vs. modified timestamp)

-          Timestamp format (RFC3339 vs. unix epoch)

-          Timestamp precision (is it necessary?)

-          Bundle (single list vs. multiple buckets)


Allan is going to be out next week but was hoping to talk about these topics on working calls (starting Tuesday, perhaps scheduling another one or two) the week after Thanksgiving (the week of 11/28). If you have time, please review those sections of the documents in google docs (link from https://stixproject.github.io/stix2.0) and be prepared to talk about it.

Given that we’ll be having these conversations for a few weeks, it doesn’t make a ton of sense to close the comment period on the documents. We’ve re-opened comments on the Google Docs (you’ll get an invite) and will move STIX 2.0 back to a “draft” state in the documents (aka no official comment period, but please continue to review and provide comments).


Please don’t take this as a bad thing or as going backwards. This kind of implementation feedback is exactly what we wanted to get prior to finalizing 2.0. Even if we end up not changing anything because of these conversations they’re still worth having so that we go in knowing what we’re getting. Along those lines, if you can please do your own implementation evaluations so we can make sure that STIX 2.0 is solid and usable.




[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]