This email and any attachments thereto may contain private, confidential, and/or privileged material for the sole use of the intended recipient. Any review, copying, or distribution of this email (or any attachments thereto) by others is strictly prohibited.
If you are not the intended recipient, please contact the sender immediately and permanently delete the original and any copies of this email and any attachments thereto.
FireEye supports this motion
From: <email@example.com> on behalf of "Kelley, Sarah E." <firstname.lastname@example.org>
Date: Friday, July 13, 2018 at 12:07 PM
To: Trey Darley <email@example.com>, "Kirillov, Ivan A." <firstname.lastname@example.org>
Cc: "Wunder, John A." <email@example.com>, "firstname.lastname@example.org" <email@example.com>
Subject: RE: [cti] STIX 2.1 CSD01
I support this.
From: firstname.lastname@example.org [mailto:email@example.com]
On Behalf Of Trey Darley
Sent: Thursday, July 12, 2018 5:18 PM
To: Kirillov, Ivan A. <firstname.lastname@example.org>
Cc: Wunder, John A. <email@example.com>; firstname.lastname@example.org
Subject: Re: [cti] STIX 2.1 CSD01
I also support this motion.
I second this motion.
>>>Email originates from a non-MITRE system. Use caution.<<<
As you probably know, one thing we as a TC are working as fast as we can towards is the release of our first CSD (Committee Specification Draft) of STIX
2.1. As you may recall, we plan on issuing a series of CSDs until such point we are ready to release a CS (Committee Specification). A CSD is basically the first step towards the TC formalizing normative text for the things included in a release of STIX, and
is also the start of our recently-balloted TC process that includes sponsorship, implementation, and interoperability text.
At the same time, as we discuss the malware object, itâs becoming clear that we still have some work to do on it. We want to make sure we get it right,
and in particular to consider how it relates to the Infrastructure object and other new SDOs planned for CSD02 and beyond.
This would do two things:
It would remove pressure on us to rush to solution on Malware and give us enough time to build more implementations, try out other approaches, and get it right.
It allows us to move forward on all of the other objects and features already in the CSD: Internationalization, Confidence, Location, Opinion, Note, support for mixed version content, and numerous other bug fixes and enhancements.
If this sounds good, we would immediately begin work to finalize the drafts to get us to a CSD01 ballot:
First, clean up any lingering issues in the current 2.1 text (including reverting Malware to what it was in 2.0)
Next, release STIX 2.1 WD01 (the first STIX 2.1 working draft) for a 2 week TC review period
Address comments, and rinse and repeat releasing working drafts for review until we have one that has no substantive changes.
Open a ballot to approve CSD01.
Based on maybe 2 iterations of the working drafts, that would mean opening a CSD ballot in the August timeframe. Once that happens and the CSD is approved
we can continue our work to get sponsors, validate implementations, and write interoperability text.
In order to do this, I move that the TC approve by unanimous consent deferring Malware to a subsequent STIX 2.1 CSD and continuing with our CSD01 release
Sent from my CRM-114 Discriminator