Re: [cti] TAXII definition of "Done"

["Jason Keirstead" <Jason.Keirstead@ca.ibm.com>]

I would also agree that TAXII features
should also meet the STIX definition of "done" in order to be
included in the spec.

-
Jason Keirstead
Lead Architect - IBM Security Connect
www.ibm.com/security

"Things may come to those who wait, but only the things left by those
who hustle." - Unknown 




From:      
 "Kelley, Sarah
E." <skelley@mitre.org>
To:      
 "cti@lists.oasis-open.org"
<cti@lists.oasis-open.org>
Date:      
 11/27/2018 04:56 PM
Subject:    
   [cti] TAXII
definition of "Done"
Sent by:    
   <cti@lists.oasis-open.org>

---

All,
 
As I mentioned on the working call today,
we have imposed a very strict definition of âDoneâ for new features/objects
in STIX, however, we have never agreed as a TC to impose the same rigorous
standards to TAXII. Given the fact that some of the issues that prompted
us to implement this definition came about when people attempted to implement
TAXII, it seems only logical to me that we would impose the same standards
to both specifications. 
 
As a reminder, the definition of âDoneâ
for STIX includes:

1. Written specification text
2. Proof of concept code from at least two different developers/companies
3. Corresponding Interop tests

For some of the newer features in TAXII,
namely TAXII query, it seems to make sense to me that it should be proved
in code before we finalize it in the specification.
 
I wanted to bring this topic to the list
and see what other people thought about this.
 
Thanks,
 
Sarah Kelley
Lead Cybersecurity Engineer, T8B2
Defensive Operations
The MITRE Corporation
703-983-6242
skelley@mitre.org

 [attachment "image003.jpg"
deleted by Jason Keirstead/CanEast/IBM]