OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Open Public Review for STIX 2.0


As we’ve discussed a few times before, now that we have a STIX 2.0 CSD (Committee Specification Draft) we need to decide how far along the OASIS process to take the specification. The next step for work product formalization would be a Committee Specification.


As a reminder:


A Committee Specification Draft:

·         Is approved by the TC by a full majority ballot. We have this now; the current state of the specs was approved as STIX 2.0 CSD01.

·         Does not confer IPR protections as an “OASIS Standards Final Deliverable”


A Committee Specification:

·         Can only be approved after at least one public review period.

·         Is fully approved once a review period passes with no material changes required, and that draft is voted on by a special majority (2/3) vote of the TC.

  • Confers IPR protections as an “OASIS Standards Final Deliverable”
  • Given all the ballots and review periods that are required, it’ll likely be 2-3 months before we can get to this stage.


At a practical level, though, the logical next step for us regardless of CS vs. CSD is to open a public review period. This is an important step in the process to getting to a CS, but more importantly, it allows us to get feedback from those outside the TC sooner rather than later. That feedback may identify things that are broken in STIX 2.0, things that could be improved, or things that we could consider adding…so the sooner we get it done, the better. Even if we feel it’s not important to push towards a CS right now, it’s still important to open that public review for STIX 2.0 so we can get that feedback.


Some people have suggested that because we have a couple stub objects in the spec and don’t cover all of what was in STIX 1.x we may get some pushback on whether we’re “done” in the public review. Aside from just taking that as it comes (it’s good feedback!) Trey has suggested that we create an FAQ to answer common questions about why we scoped things the way we did (MVP release, etc.) and talking about our roadmap to add those objects. That should hopefully head off some of those concerns.


Are there any objections to opening a public review period on STIX 2.0? If not, we’ll go ahead to make the motion to do so Thursday morning EST.





[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]