OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Fwd: Re: [cti-publicmirror] Re: [cti] Summary of the working call

Forwarded on behalf of Paul Vixie.

-------- Forwarded Message --------
Return-Path: vixie@fsi.io
Date: Fri, 25 Aug 2017 04:26:44 +0000
In-Reply-To: <20170825032045.28DD89E0C3@indium.dfw01.oasis-infra.net>
References: <DDD46875-D74E-4E32-977F-2A7184436BEB@cisecurity.org> <ba25135c-3a84-f44a-5abc-7ee07428a0ef@circl.lu> <20170825032045.28DD89E0C3@indium.dfw01.oasis-infra.net>
MIME-Version: 1.0
Subject: Re: [cti-publicmirror] Re: [cti] Summary of the working call
To: Jerome Athias <jerome.athias@protonmail.com>, Alexandre.Dulaunoy@circl.lu
From: P Vix <vixie@fsi.io>
Message-ID: <26ED21C3-2F02-44CA-BE63-9F87D70FD98C@fsi.io>


I'm a guest so I can't post.

In the bind10 project we let the stakeholders have both veto and priority setting powers.

We wasted five years of our time and $3mil of their money and never produced anything useful. The project was shut down in disgrace. It's a blot on my record.

Never again. Say it with me. Never again.

Please forward to the original list if you would.

On August 24, 2017 8:20:38 PM PDT, Jerome Athias <jerome.athias@protonmail.com> wrote:
>I am disappointed to feel that our probably most important users (who
>should be key orchestrators) feedback or propositions seem to be
>constantly disregarded or not properly and carefully taken into
>consideration
>Best of luck to them here
>
>Carpe diem
>/ja
>
>On Wed, Aug 23, 2017 at 11:42 AM, Alexandre Dulaunoy
><Alexandre.Dulaunoy@circl.lu> wrote:
>
>> On 22/08/17 22:12, Sarah Kelley wrote: > On today’s working call, we
>discussed the event object. We didn’t have someone taking full notes,
>but I’ll try to summarize what was discussed below. > > > 1. The event
>object should be scoped down to just an IR type of event/incident. This
>would need to be clarified in the text, but that would then scope out
>some of our other use cases such as: > * An ‘alert’ coming into your
>system > * An ‘event’ such as a threat actor registering a domain > *
>The MISP version of ‘event’ As our past proposals (event and updated
>report) were rejected and seeing how despite expectations the new event
>SDO won't accommodate the requirements of many CERTs and considering
>that we need to move on regarding this, we propose a new SDO called
>generic event to be able to map MISP events to STIX.
>https://www.misp-project.org/generic-event-proposal-STIX-2.1.pdf Thank
>you very much -- Alexandre Dulaunoy CIRCL - Computer Incident Response
>Center Luxembourg 41, avenue de la gare L-1611 Luxembourg info@circl.lu
>- www.circl.lu - (+352) 247 88444
>---------------------------------------------------------------------
>To unsubscribe from this mail list, you must leave the OASIS TC that
>generates this mail. Follow this link to all your TCs in OASIS at:
>https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]