OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti] Sponsors needed for STIX 2.1 CSD01 features

John Wunder/Sarah Kelley:

Can you tell me why the Infrastructure draft object did not make the list?

This is a data object that is important to several key members of the CTI TC.


On 5/18/2018 9:21 AM, Jason Keirstead wrote:
It is extremely likely we will take confidence - however I need to confirm we will have the implementation in place. You can put us down for now.

Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems

"Things may come to those who wait, but only the things left by those who hustle." - Unknown

From:        "Struse, Richard J." <rjs@mitre.org>
To:        "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>
Date:        05/18/2018 02:05 PM
Subject:        [cti] Sponsors needed for STIX 2.1 CSD01 features
Sent by:        <cti@lists.oasis-open.org>

As we discussed during the TC call this week, the recent decision by the TC to adopt a set of criteria for including new features in releases means that just because we have specification text for something does NOT mean it is going into the release – the feature must meet all of the criteria required to be “Done”.  As described in the proposalthat the TC approved, a feature is only considered “Done” when it:
  • has at least 2 independent organizations using at least 2 separate code bases running at least POC code with real or semi-real data that can interoperate, AND
  • has all normative specification text complete, AND
  • is covered by one or more interoperability tests and at least the 2 POC implementations pass those tests.
A new feature has 185 days (6 months) post-CSD ballot approval to show that it is done; if it does not meet the definition of done it will be removed from the next CSD.
Therefore, we are asking TC members to step up and offer to be “sponsors” of a feature. Sponsors are members that are interested in seeing a feature added and who are willing to help ensure that the feature meets all of the criteria for “Done”.  Please note that a feature can (and should have) multiple sponsors – the more the merrier. And it is important to note that just because you offer to sponsor a feature, it doesn’t mean that you have to do all of the work – you can (and should) collaborate with other TC members interested in that feature to ensure that all the requirements are met. But ultimately each feature needs at least two sponsors that will develop and test the proof of concept implementation of the feature.

Feature Sponsors
Opinion MITRE
Internationalization Fujitsu, New Context (Tentative)
Malware Symantec (Tentative), DC3 (Tentative)

Please take a look at the list of features above and consider which feature(s) your organization is willing to sponsor. If you are currently listed as a Tentative sponsor, please confirm if your organization is actually willing to commit to sponsor that feature.
Remember – if a feature does not meet the definition of “Done” within 185 days of CSD approval, that feature will be removed from the next CSD.  So, if your organization is counting on a particular feature, I urge you to sign up as a sponsor for it.
Please let me know if you have any questions.
Richard J. Struse
Chair, OASIS Cyber Threat Intelligence Technical Committee
Chief Strategist for Cyber Threat Intelligence
The MITRE Corporation
+1-703-983-7049 (office)
+1-703-342-8368 (mobile)

Jane Ginn, MSIA, MRP
Secretary, OASIS CTI TC
001 (928) 399-0509

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]