
Subject: Re: [EXT] Re: [cti] Submission of STIX/TAXII to ITU-T? Plan for reply

I attend the ITU and my colleague is a working party chair. Also Juan Gonzalez from DHS is on the US delegation.  We will not let the ITU adopt version 1.  

At the last ITU meeting when this topic came up and I addressed the body I said that only the newer version 2 is what we should do.  


Sent from my Commodore 64 

PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050

On Dec 13, 2018, at 10:58 AM, Allan Thomson <athomson@lookingglasscyber.com> wrote:

Regardless of when STIX2 becomes a full approved standard I think OASIS guidance to ITU-T should be that they should not standardize a standard (version1) that is already being replaced for good reason.


I think it makes ITU-T look foolish and disconnected. But if they want to do that then go ahead. It's just an opinion.


Allan Thomson

CTO (+1-408-331-6646)

LookingGlass Cyber Solutions


From: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org> on behalf of "Kelley, Sarah E." <skelley@mitre.org>
Date: Thursday, December 13, 2018 at 9:54 AM
To: Allan Thomson <athomson@lookingglasscyber.com>, "jamie.clark@oasis-open.org" <jamie.clark@oasis-open.org>, "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>, "Struse, Richard J." <rjs@mitre.org>, "trey.darley@cert.be" <trey.darley@cert.be>
Cc: Chet Ensign <chet.ensign@oasis-open.org>
Subject: RE: [cti] Submission of STIX/TAXII to ITU-T? Plan for reply


If we would prefer to use STIX/TAXII 2, does this require that some form of STIX 2 and TAXII 2 be a full OASIS standard before next summer? Am I reading that correctly?


Sarah Kelley

Lead Cybersecurity Engineer, T8B2

Defensive Operations

The MITRE Corporation





From: cti@lists.oasis-open.org <cti@lists.oasis-open.org> On Behalf Of Allan Thomson
Sent: Thursday, December 13, 2018 12:02 PM
To: Jamie Clark <jamie.clark@oasis-open.org>; OASIS CTI TC Discussion List <cti@lists.oasis-open.org>; Struse, Richard J. <rjs@mitre.org>; trey.darley@cert.be
Cc: Chet Ensign <chet.ensign@oasis-open.org>
Subject: Re: [cti] Submission of STIX/TAXII to ITU-T? Plan for reply


The importance of making sure VERSION 2 is the version to be considered as the primary standard for CTI sharing cannot be understated.


The market already does not understand the important and significant differences between v1 and v2.


I strongly suggest that OASIS make sure the ITU-T does everything it can to adopt version 2 not 1.


Allan Thomson

CTO (+1-408-331-6646)

LookingGlass Cyber Solutions


From: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org> on behalf of "jamie.clark@oasis-open.org" <jamie.clark@oasis-open.org>
Date: Thursday, December 13, 2018 at 8:49 AM
To: "cti@lists.oasis-open.org" <cti@lists.oasis-open.org>, "Struse, Richard J." <rjs@mitre.org>, "trey.darley@cert.be" <trey.darley@cert.be>
Cc: Chet Ensign <chet.ensign@oasis-open.org>
Subject: [cti] Submission of STIX/TAXII to ITU-T? Plan for reply


Dear members of the CTI TC:

After consultation with your chairs, they asked us to share this (attached) communication from ITU-T's Study Group 17 (on cybersecurity), inquiring about a contribution of STIX and TAXII for their endorsement and approval.

BACKGROUND.  OASIS has contributed many standards to global de jure standards bodies like ITU-T, including a number successfully approved by ITU's SG17. [1]  The ground rules for doing so can be found in the OASIS liaison policy [2].  There are several process requirements, which include OASIS Standard status, and an approval vote from the originating TC.

Staff's view is that submission is appropriate and expected to be successful. OASIS submissions to the study group occur with the condition that, while comments are welcome, only the final approved version of the OASIS submission can be considered ... in other words, the ITU panel would not have the right to make changes as part of its approval process.

CONSIDERATIONS FOR THIS SUBMISSION.  Your Versions 1 of STIX and TAXII have become OASIS Standards, as you know. Your work on bringing your Versions 2 to that status is ongoing. Our understanding with your leadership was that, while the Versions 1 are not officially deprecated, your TC wishes to encourage implementation of the newer (and differently scheme-ad) Versions 2; so a promotion of Versions 1 to international standard status at this time might not achieve your goals. We have been advised that you likely would wish to submit both STIX and TAXII together, and wait until both versions are eligible (as an OS) before submitting. The schedule of SG17 essentially uses live meetings once every six months, so this would probably result in a mid-2019 submission, assuming you support it.

RECOMMENDATION.  If we are correct that your preference is to submit Versions 2.X, then we suggest that OASIS reply to this inquiry now, with a polite and encouraging indication that the TC expects to submit the completed versions to ITU as soon as they're available, within a few months. That would allow us to provide a positive statement as feedback to the January 2019 meeting, for which planning is now underway.


ACTION REQUESTED. Would you please let us (and the TC) know if there's any objection to that approach?  We'll plan to send the "version 2 coming soon" message, as described above, which requires no TC vote, if we hear no objections. 

If on the other hand, there is TC sentiment to send completed Versions 1 to ITU for consideration for promotion and republication as "ITU-T Recommendations" (their version of international standards), then please advise your TC leadership and my colleague Chet Ensign, as that could be done by a web ballot TC vote at any time and a short public notice to the membership.


Please feel free to contact Chet or me if you have any questions. 

Kind regards



  [1]  Including SAML, XACML and CAP (an emergency services resources info protocol).


James Bryce Clark, General Counsel
OASIS: Advancing open data, code and standards for the information society

EU Commission 2018 Rolling Plan for Open ICT Standards: http://j.mp/EUstds2018

OASIS Borderless Cybersecurity conference, October 2018: https://us18.borderlesscyber.org/en/
