[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [cti] Re: [EXT] [cti] STIX action items for the full TC call on 6/15/17
Name is the summary of the note.
If the note is verbose content then having a short ‘name’ (or summary) is very useful.
Its akin to having a subject line in an email vs having to read the entire email to understand the summary of the email. Its an optional parameter that hardly breaks anything and adds value to certain use cases.
I don’t believe we should exclude parameters when others are suggesting it adds value to their use cases. From: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org> on behalf of Bret Jordan <Bret_Jordan@symantec.com> For opinion, I am still concerned about the scale. I think we are leaning towards an open-vocab or ENUM of values. But I am not sure we have the fully consensus of the TC on this. Yes it has been discussed on
several working calls, but that is just a subset of this whole group. Opinion also does not have the ability to link against a specific version of an object. So you may issue an opinion but the object may have been updated and your opinion is no longer valid.
Further, I really worry that we do not have digital signatures yet. I think supporting the Opinion object before digital signatures is like putting the cart before the road.
For note, I do not agree with having a "name" on the note. I do not think it makes sense to have a "name" for a note. Bret From: Werntz, Preston <Preston.Werntz@HQ.DHS.GOV> Bret – On the DHS side, we’ve been looking forward to Opinion in STIX 2.1 to help with our goal of implementing automated feedback in the Automated Indicator Sharing (AIS) initiative, so I’d like to
hear your concerns on what questions remain as that may help us think through ways to implement in AIS. Thanks! W. Preston Werntz Chief, Technology Services Section National Cybersecurity and Communications Integration Center (NCCIC) Department of Homeland Security
From: cti@lists.oasis-open.org [mailto:cti@lists.oasis-open.org]
On Behalf Of Bret Jordan While I think note/intel-note and opinion are making progress, I personally do not feel like they are done enough to add to the 2.1 documents. I think there are several unanswered questions. I think they need
some more time and discussion before they are done. Bret From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> on behalf of Sarah Kelley <Sarah.Kelley@cisecurity.org> On tomorrow’s working call, we will be addressing several topics that need TC consensus for moving forward with STIX 2.0 and STIX 2.1. In preparation for the meeting, please review the following: STIX 2.0:
STIX 2.1
The deadline for feedback/comments is Saturday June 17th. This will allow us to open a CS ballot next week. Thanks, Sarah Kelley Senior Cyber Threat Analyst Multi-State Information Sharing and Analysis Center (MS-ISAC) 31 Tech Valley Drive East Greenbush, NY 12061 518-266-3493 24x7 Security Operations Center SOC@cisecurity.org - 1-866-787-4722 This message and attachments may contain confidential information. If it appears that this message was sent to you by mistake, any retention, dissemination, distribution or copying of this
message and attachments is strictly prohibited. Please notify the sender immediately and permanently delete the message and any attachments.
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]