OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: Enhancement Process

Bret,

 

For the most part I think your proposal below is on the right track. I do however have concerns about “Redefining some semantic meaning to some properties or objects in STIX”. I don’t think this should be something we should be advertising as an option. The only time I believe we’ve done this in the past is with the labels property, and only then after a very lengthy conversation and consideration of all the angles. I don’t want to create an easy/ready-made process for people to start suggesting that we redefine the meanings of all of our existing work. Doing that should be hard, and for good reason.

 

Thanks,

 

Sarah Kelley

Lead Cybersecurity Engineer, T8B2

Defensive Operations

The MITRE Corporation

703-983-6242

skelley@mitre.org

cid:image006.png@01D0A90C.2B5B2680

 

From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> On Behalf Of Bret Jordan
Sent: Tuesday, July 24, 2018 10:56 AM
To: cti@lists.oasis-open.org
Subject: [cti] Enhancement Process

 

All,

 

We have had several discussion about an enhancement process.  In an effort to help drive this forward and help us get high-level agreement on what this would mean, here are a few points. 

 

Types of Enhancements

 

  1. New Objects (STIX Domain Objects, STIX Relationship Objects, Cyber Observable Objects)
  2. Named Groupings of new properties on an existing object
  3. Adding clarity or enhanced meaning to some property (example, explaining double or triple tagging of data in a “tags” property)
  4. Redefining some semantic meaning to some properties or objects in STIX
  5. Adding elements or redefining concepts in Patterning

 

 

Requirements

 

  1. Useable by the TC itself for ideas that are not well understood
  2. Useable by people inside the TC for their ideas
  3. Useable by people outside the TC for their ideas
  4. Ability to submit, if the creators desire, the enhancement to the TC
    1. If TC wants to make changes the creators can withdraw their proposal 
  1. Ability to register, if creators desire, the enhancement in a registry run by some yet-to-be-determined group/org/method
  2. Ability to advertise in a STIX object that an enhancement is in use
  3. Ability to advertise in TAXII that an enhancement is in use
  4. Ability to filter in TAXII for enhancements

 

 

Please let me know if the list of possible enhancement types is correct and if you have any additional requirements. 

 

Bret

 

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]