John Wunder/Sarah Kelley:
Can you tell me why the Infrastructure draft object did not make
the list?
This is a data object that is important to several key members of
the CTI TC.
Jane
On 5/18/2018 9:21 AM, Jason Keirstead
wrote:
It is extremely likely we will take
confidence
- however I need to confirm we will have the implementation in
place. You
can put us down for now.
-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security
Systems
www.ibm.com/security
"Things may come to those who wait, but only the things left by
those
who hustle." - Unknown
From:
"Struse, Richard
J." <rjs@mitre.org>
To:
"cti@lists.oasis-open.org"
<cti@lists.oasis-open.org>
Date:
05/18/2018 02:05 PM
Subject:
[cti] Sponsors
needed for STIX 2.1 CSD01 features
Sent by:
<cti@lists.oasis-open.org>
All,
As we discussed during the TC call
this
week, the recent decision by the TC to adopt a set of criteria
for including
new features in releases means that just because we have
specification
text for something does NOT mean it is going into the release –
the feature
must meet all of the criteria required to be “Done”. As
described in the proposalthat the TC approved, a feature is only
considered “Done” when it:
- has at least 2 independent
organizations
using at least 2 separate code bases running at least POC
code with real
or semi-real data that can interoperate, AND
- has all normative
specification text complete,
AND
- is covered by one or more
interoperability
tests and at least the 2 POC implementations pass those
tests.
A new feature has 185 days (6
months) post-CSD
ballot approval to show that it is done; if it does not meet the
definition
of done it will be removed from the next CSD.
Therefore, we are asking TC members
to
step up and offer to be “sponsors” of a feature. Sponsors are
members
that are interested in seeing a feature added and who are
willing to help
ensure that the feature meets all of the criteria for “Done”.
Please
note that a feature can (and should have) multiple sponsors –
the more
the merrier. And it is important to note that just because you
offer to
sponsor a feature, it doesn’t mean that you have to do all
of the
work – you can (and should) collaborate with other TC members
interested
in that feature to ensure that all the requirements are met. But
ultimately
each feature needs at least two sponsors that will develop and
test the
proof of concept implementation of the feature.
Feature |
Sponsors |
Confidence |
|
Opinion |
MITRE |
Note |
|
Internationalization |
Fujitsu,
New Context (Tentative) |
Malware |
Symantec
(Tentative), DC3 (Tentative) |
Location |
|
Please take a look at the list of
features
above and consider which feature(s) your organization is
willing to sponsor.
If you are currently listed as a Tentative sponsor, please
confirm if your
organization is actually willing to commit to sponsor that
feature.
Remember – if a
feature does
not meet the definition of “Done” within 185 days of CSD
approval, that
feature will be removed from the next CSD. So, if your
organization
is counting on a particular feature, I urge you to sign up as
a sponsor
for it.
Please let me know if you have any
questions.
Thanks,
Rich
Richard J. Struse
Chair, OASIS Cyber Threat
Intelligence
Technical Committee
Chief Strategist for Cyber Threat
Intelligence
The MITRE Corporation
+1-703-983-7049 (office)
+1-703-342-8368 (mobile)
--
*****************************
Jane Ginn, MSIA, MRP
Secretary, OASIS CTI TC
jg@ctin.us
001 (928) 399-0509
*****************************
|